Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Yields Llama

v1.0.0

Query DeFi yield opportunities across chains using the yieldsllama CLI (powered by DeFi Llama API). Use when the user asks about DeFi yields, APY, best staki...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (querying DeFi yields via DeFi Llama) matches the SKILL.md: it documents a CLI that queries yields.llama.fi, filters and sorts results, and caches responses. Requiring a built binary and an LLAMA_DOMAIN endpoint is coherent for this purpose.
Instruction Scope
Instructions include building from source, creating a .env file in the current working directory (LLAMA_DOMAIN), and caching API responses to data.json. These actions are within the CLI's scope, but they create files in whatever directory the agent happens to run in, which is a possible surprise side effect (for example, overwriting an unrelated project's .env). The SKILL.md does not instruct reading unrelated user files or secrets.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs running the official rustup installer (https://sh.rustup.rs) and git-cloning a GitHub repo (https://github.com/0x9bb1/yieldsllama.git), then building and copying a binary into /usr/local/bin. Both hosts are well known (rustup.rs and github.com), which lowers the risk but does not remove it: piping the installer into a shell executes remote code that is never inspected, and copying into a system PATH directory normally requires root.
Credentials
Registry metadata lists no required env vars, but the runtime instructions require a .env file containing LLAMA_DOMAIN (an endpoint, not a secret), and the tool contacts yields.llama.fi. No credentials or unrelated secrets are requested. The mismatch between metadata and instructions (no declared env vars, but a .env file required at runtime) is a minor inconsistency to be aware of.
Persistence & Privilege
The skill's always flag is false and it does not request permanent agent privileges. However, the installation instructions place a binary in /usr/local/bin (system-wide) and the tool creates a local cache file, data.json; both are persistent changes to the host filesystem, and the first may require root.
Assessment
This skill appears to do what it claims, but it requires building and installing third-party code and writes files into the directory where it runs. Before installing or running:
(1) Review the GitHub repository source (https://github.com/0x9bb1/yieldsllama) and satisfy yourself that you trust it.
(2) Do not run curl | sh blindly; install rustup by following the official documentation, or through a package manager you control.
(3) Run the build and install steps inside a container or VM if you want to limit the impact on your system.
(4) Note that the install copies a binary into /usr/local/bin (which may need sudo) and that the tool creates or modifies .env and data.json in the current working directory; run it from an empty, dedicated directory so it cannot overwrite a project's configuration.
(5) Confirm that outbound connections to yields.llama.fi are acceptable in your environment.
For stronger assurance, ask the publisher for a release tarball with a checksum, or a prebuilt binary from a vetted source.
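The safer install-and-run procedure that the Install Mechanism and Assessment sections describe, written out as an added shell example. This is not code from the ClawHub page or from the yieldsllama project. It assumes the repository has a standard Cargo layout (the page only says the skill is built from source after installing rustup); the commit hash, the installer digest and the binary name are placeholders you fill in after your own review, and using the bare hostname yields.llama.fi as the LLAMA_DOMAIN value is an assumption, since the page does not show the expected format.

```sh
#!/usr/bin/env sh
# Added example, not from the ClawHub page or the yieldsllama project.
# Placeholders (set them only after reviewing the source yourself):
#   YIELDSLLAMA_COMMIT  - the commit hash you audited
#   RUSTUP_INIT_SHA256  - SHA-256 of the rustup-init.sh copy you inspected
#   YIELDSLLAMA_BIN     - name of the built binary (assumed, not given on the page)
set -eu

# Compare a file's SHA-256 with an expected hex digest: 0 on match, 1 otherwise.
verify_sha256() {
    file=$1
    expected=$2
    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$file" | awk '{print $1}')
    else
        actual=$(shasum -a 256 "$file" | awk '{print $1}')
    fi
    [ "$actual" = "$expected" ]
}

# Save the rustup installer to disk instead of piping it into sh, then
# checksum it against the copy you reviewed before executing it.
install_rustup_checked() {
    script=$1
    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o "$script"
    verify_sha256 "$script" "${RUSTUP_INIT_SHA256:?digest of the reviewed installer}"
    sh "$script" -y --no-modify-path
}

# Clone and build at the exact commit you reviewed, so the binary you run is
# built from the code you read rather than from whatever HEAD points to later.
build_pinned() {
    src=$1
    commit=$2
    git clone https://github.com/0x9bb1/yieldsllama.git "$src"
    git -C "$src" checkout --detach "$commit"
    cargo build --release --manifest-path "$src/Cargo.toml"
}

# Install into a per-user bin directory rather than /usr/local/bin:
# no sudo needed, and removal is a single rm.
install_user_local() {
    src=$1
    bin=$2
    mkdir -p "$HOME/.local/bin"
    install -m 0755 "$src/target/release/$bin" "$HOME/.local/bin/$bin"
}

# Prepare a dedicated working directory. The tool writes .env and data.json
# into its cwd, so refuse to proceed if either already exists there.
prepare_workdir() {
    dir=$1
    domain=$2
    mkdir -p "$dir"
    for f in .env data.json; do
        if [ -e "$dir/$f" ]; then
            echo "refusing: $dir/$f already exists, pick an empty directory" >&2
            return 1
        fi
    done
    printf 'LLAMA_DOMAIN=%s\n' "$domain" > "$dir/.env"
}

# End-to-end sequence (needs network, so it is not run by default):
#   install_rustup_checked "$HOME/rustup-init.sh"
#   build_pinned "$HOME/src/yieldsllama" "$YIELDSLLAMA_COMMIT"
#   install_user_local "$HOME/src/yieldsllama" "$YIELDSLLAMA_BIN"
#   prepare_workdir "$HOME/yields-work" yields.llama.fi && cd "$HOME/yields-work"
```

Each step maps to one item of the checklist above: the installer is checksummed instead of piped, the clone is pinned to a reviewed commit, the binary lands in a user-owned directory instead of the system PATH, and the tool is started from a fresh directory that is guaranteed not to hold an existing .env or data.json. Running the whole sequence inside a container or VM still applies; these functions only remove the parts of the original instructions that are unnecessary for the tool to work.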


latest: vk97ajpjcx3ef65pbc868m5vfv584sgpe

