Skill v1.0.0

ClawScan security

Crypto Portfolio Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 19, 2026, 2:35 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's description claims multi-chain portfolio tracking, but the instructions show only a 'tron' CLI example, and the skill declares no dependencies or required credentials. This mismatch needs clarification before the skill is trusted or installed.
Guidance
This skill is inconsistent: it claims multi-chain functionality but documents only 'tron' CLI commands and declares no dependencies or credentials. Before installing or enabling it, ask the author to: (1) list the required binaries and exact commands (e.g., tron/eth CLI tools), (2) describe how Ethereum/BSC support works (RPC endpoints, APIs, or explorer services), (3) declare any env vars or secrets it needs (RPC keys, API keys), and (4) provide a trusted source/homepage. Because the skill is instruction-only, the agent could attempt to run shell commands such as 'tron ...'; if you test it, run it in a sandbox or with limited permissions. If you do not get clear answers or a reputable source, treat it as untrusted.
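The mismatch the verdict rests on (commands referenced but never declared, chains claimed but never documented) can be checked mechanically before the skill ever reaches an agent. The script below is an added example, not part of the ClawScan report or of the skill itself: it parses a SKILL.md, extracts the CLI binaries and environment variables the instructions reference, and compares them against the dependencies the metadata declares and the chains the description claims. The frontmatter layout (requires.bins, requires.env), the sample SKILL.md and the chain keyword table are assumptions constructed for this example, not ClawHub's actual schema.

```python
# Added example: check an instruction-only skill's SKILL.md against the
# binaries, env vars and chains its metadata declares or claims.
import re
import shlex
import shutil
from dataclasses import dataclass

# Constructed sample modelled on the reviewed skill. The frontmatter layout
# (requires.bins / requires.env) is assumed for this example, not ClawHub's schema.
SAMPLE_SKILL_MD = """---
name: crypto-portfolio-tracker
description: Portfolio tracker for TRON, Ethereum and BSC (holdings, profit, gas, price alerts).
requires:
  bins: []
  env: []
---
# Crypto Portfolio Tracker

Show wallet holdings:

    tron wallet --address <ADDRESS>

Show one token position:

    tron token --address <ADDRESS> --symbol USDT
"""

CHAIN_KEYWORDS = {"tron": {"tron", "trx"}, "ethereum": {"ethereum", "eth"}, "bsc": {"bsc", "binance"}}
FRONTMATTER_RE = re.compile(r"\A---\n(.*?)\n---\n(.*)\Z", re.S)
LIST_FIELD_RE = re.compile(r"^\s*(bins|env):\s*\[(.*?)\]\s*$", re.M)
DESCRIPTION_RE = re.compile(r"^description:\s*(.*)$", re.M)
ENV_REF_RE = re.compile(r"\$\{?([A-Z][A-Z0-9_]*)\}?")  # $VAR or ${VAR}
SHELL_PREFIXES = {"$", "sudo", "env"}  # skipped before the binary name, as is a leading VAR=value


@dataclass
class SkillReport:
    referenced_bins: set
    undeclared_bins: set
    undeclared_env: set
    undocumented_chains: set

    def findings(self):
        checks = [
            ("binaries used but not declared", self.undeclared_bins),
            ("env vars used but not declared", self.undeclared_env),
            ("chains claimed but never documented", self.undocumented_chains),
        ]
        return [f"{label}: {sorted(items)}" for label, items in checks if items]


def extract_command_lines(body):
    """Candidate shell commands: indented blocks, fenced blocks, inline backticks."""
    lines, in_fence = [], False
    for raw in body.splitlines():
        if raw.strip().startswith("```"):
            in_fence = not in_fence
        elif (in_fence or raw.startswith(("    ", "\t"))) and raw.strip():
            lines.append(raw.strip())
    return lines + [m.strip() for m in re.findall(r"`([^`\n]+)`", body)]


def referenced_binaries(command_lines):
    """First word of each pipeline segment, after prompt/sudo/VAR= prefixes."""
    bins = set()
    for line in command_lines:
        for segment in re.split(r"\s*(?:\|\||&&|\||;)\s*", line):
            try:
                tokens = shlex.split(segment)
            except ValueError:
                continue  # unbalanced quotes: prose, not a command
            while tokens and (tokens[0] in SHELL_PREFIXES or re.fullmatch(r"\w+=.*", tokens[0])):
                tokens = tokens[1:]
            if tokens and re.fullmatch(r"[A-Za-z0-9_.\-/]+", tokens[0]):
                bins.add(tokens[0].rsplit("/", 1)[-1])
    return bins


def chains_mentioned(text):
    words = set(re.findall(r"[a-z0-9]+", text.lower()))
    return {chain for chain, kws in CHAIN_KEYWORDS.items() if words & kws}


def analyze_skill(skill_md):
    frontmatter, body = FRONTMATTER_RE.match(skill_md).groups()
    declared = {"bins": set(), "env": set()}
    for key, items in LIST_FIELD_RE.findall(frontmatter):
        declared[key] = {i.strip().strip("'\"") for i in items.split(",") if i.strip()}
    desc = DESCRIPTION_RE.search(frontmatter)
    bins = referenced_binaries(extract_command_lines(body))
    return SkillReport(
        referenced_bins=bins,
        undeclared_bins=bins - declared["bins"],
        undeclared_env=set(ENV_REF_RE.findall(body)) - declared["env"],
        undocumented_chains=chains_mentioned(desc.group(1) if desc else "") - chains_mentioned(body),
    )


if __name__ == "__main__":
    report = analyze_skill(SAMPLE_SKILL_MD)
    for finding in report.findings() or ["no inconsistencies found"]:
        print("-", finding)
    # Instruction-only skills rely on tools already being installed where the agent runs.
    print("not on this PATH:", sorted(b for b in report.referenced_bins if shutil.which(b) is None))
```

On the constructed sample this reports the undeclared 'tron' binary and the undocumented Ethereum/BSC chains, the two gaps the verdict above is built on; an added `$VAR` in any command surfaces as an undeclared env var. The PATH check at the end is the practical complement: a skill that ships no code but expects a binary to exist will either fail silently or, worse, pick up whatever the agent's shell resolves for that name.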

Review Dimensions

Purpose & Capability
concern
The skill claims TRON/ETH/BSC support, holdings/profits/gas analysis and price alerts, but the runtime instructions only show example commands for a 'tron' CLI. No guidance is provided for Ethereum/BSC (e.g., eth/bsc CLI, RPC endpoints, or explorer APIs). The declared metadata lists no required binaries or tools, yet the docs imply a dependency on a 'tron' command-line tool.
Instruction Scope
note
SKILL.md is short and instruction-only; it suggests running 'tron wallet --address ...' and 'tron token ...' commands but does not explain where that 'tron' binary comes from, what permissions/network access it needs, or how to configure RPC/API keys. There are no instructions that explicitly exfiltrate data, but the vagueness gives the agent broad discretion (e.g., to run shell commands) without declared constraints.
Install Mechanism
ok
No install spec and no code files are provided (instruction-only), which means nothing is written to disk by the skill itself. This is the lowest-risk install model, but it relies on external tools being present when the agent runs commands.
Credentials
note
The skill requests no environment variables or credentials, which is consistent with the provided content. However, practical portfolio trackers usually require RPC endpoints, API keys, or explorer tokens for ETH/BSC/TRON, and none are declared. This omission may be sloppy documentation or may hide additional required configuration.
Persistence & Privilege
ok
The skill does not request always=true and does not persist configuration. It is user-invocable and allows autonomous invocation (the platform default). Those privileges are normal here and are not by themselves a concern.