v1.0.0

TokenSniff

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:53 AM.

Analysis

TokenSniff is an instruction-only crypto analysis skill with no code or install steps, but users should treat its trading recommendations and wallet/credential-related signals cautiously.

Guidance: This skill appears safe to install from a code-execution perspective because it is instruction-only, but use it carefully: verify crypto data yourself, do not treat BUY or entry recommendations as financial advice, and never share private wallet credentials or seed phrases.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
🟢 80-100 = STRONG BUY ... Suggested entry ... Take profit targets ... Stop loss suggestion ... Position size

The skill asks the agent to give confident trading verdicts and strategy suggestions for speculative crypto assets, which can create over-trust even though it includes a disclaimer.

User impact: A user could rely too heavily on the report and make risky trades based on model-generated analysis.
Recommendation: Treat outputs as research prompts only, verify all on-chain and market data independently, and do not treat the skill as financial advice.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
Read `references/whale-signals.md` ... `references/momentum-indicators.md` ... `references/safety-checklist.md`

The skill references auxiliary documentation files, but the provided file manifest contains only SKILL.md.

User impact: The agent may be missing part of the intended scoring logic, which can reduce transparency and consistency of the analysis.
Recommendation: The publisher should include the referenced files or remove those references; users should be cautious about unsupported scoring claims.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: Medium | Status: Note
metadata
Capability signals: crypto; requires-wallet; requires-sensitive-credentials ... Primary credential: none

The registry-level signals mention wallet and sensitive credentials, while the declared requirements do not define any credential contract or scope.

User impact: If the skill or an agent later asks for wallet secrets, API keys, seed phrases, or signing access, the permitted scope would be unclear from the metadata.
Recommendation: Do not provide seed phrases, private keys, wallet passwords, browser sessions, or exchange credentials; use only public token contracts and public wallet addresses unless a clearly scoped credential flow is documented.