BTC Monitor TalentverseX
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the skill can post its market report to the configured Discord channel using the user's bot token.
The skill can use a Discord bot credential to post messages, but this is disclosed, optional, and aligned with the stated alerting feature.
Optionally posts the report to Discord if enabled in config and the bot token exists in the environment
Enable Discord only when needed, use a least-privilege bot token, and confirm the configured channel ID before running.
If the cron helper is run, the monitor may keep running on schedule, writing logs and potentially sending Discord alerts if configured.
The helper can install a persistent scheduled cron job for recurring monitoring; this matches the scheduling purpose but continues running until removed.
(crontab -l 2>/dev/null | grep -v "$CRON_MARKER" || true; echo "$CRON_JOB") | crontab -
Run the cron setup only if recurring monitoring is desired, review the schedule in config.json first, and remove the marked crontab entry to disable it.
Running the helper will install or update Python packages on the system or active environment.
The optional install helper updates pip and installs the declared Python dependency, which is normal for this type of script but modifies the local environment.
python3 -m pip install --upgrade pip python3 -m pip install -r "$ROOT_DIR/requirements.txt"
Prefer running it inside a virtual environment and review requirements.txt before installation.