Moon Banking
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may call Moon Banking API endpoints using curl when responding to relevant user requests.
The skill directs the agent to run shell-based curl commands. This is central to the API-query purpose, but users should understand that installing it enables command-based authenticated API calls.
Use `exec` with `curl -s` (silent mode) and pipe to `jq` for clean, readable JSON output.
Only use this skill if you are comfortable with the agent making Moon Banking API requests through curl, and review requests that could consume quota or retrieve account-specific provider data.
The agent can use the configured Moon Banking API key to authenticate requests to the provider service.
The skill requires a sensitive provider API key. The credential is clearly declared and purpose-aligned with authenticated Moon Banking API access.
credentials:\n primary:\n key: MOON_BANKING_API_KEY\n description: API key for authenticating requests to https://api.moonbanking.com/v1 ...\n sensitive: true
Use a dedicated API key with the minimum plan/scope needed, keep it secret, and rotate it if you suspect exposure.