Skill v1.0.0
ClawScan security
Crypto Funding Harvester · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 21, 2026, 3:41 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, manifest, and runtime instructions are consistent with its stated purpose (poll public exchange endpoints for funding rates and write results to /tmp); it does not request credentials or unrelated access.
- Guidance: This skill appears coherent and limited to polling public exchange APIs and writing computed results to /tmp. Before installing: 1) Review the full funding_harvester.py file (the provided excerpt was truncated) to confirm there are no hidden network calls or post-install hooks; 2) Be aware output is stored in /tmp which may be readable by other local users/processes; 3) Confirm you are comfortable with a cron job making external HTTP requests every 15 minutes and consider rate limits / exchange terms of service; 4) Run the skill in a sandbox or isolated environment if you want to inspect its behavior before trusting it in production.
Review Dimensions
- Purpose & Capability (ok): Name/description, SKILL.md, clawhub.json (requires.requests), and the visible Python code all align: the skill polls public funding-rate endpoints (Hyperliquid, Binance, Bybit) and computes annualized funding rates. There are no unexpected credentials, binaries, or services requested.
- Instruction Scope (note): Instructions and code operate within the stated scope (fetch public APIs, filter and save results to /tmp/funding_opportunities.json, run every 15 minutes). Note: the skill writes output to /tmp (an ephemeral, world-readable location on many systems) — this is expected but could expose results to other local processes.
- Install Mechanism (ok): No install script; clawhub.json lists a single pip dependency ('requests'), which the code uses. This is proportionate for HTTP polling. No arbitrary downloads or extract steps are present.
- Credentials (ok): No required environment variables or credentials. Declared optional env vars (MIN_ANNUALIZED_PCT, CROSS_EXCHANGE_SPREAD_THRESHOLD, REQUEST_TIMEOUT) are appropriate for tuning behavior and match usage in the code.
- Persistence & Privilege (ok): The skill is an automaton scheduled to run on a cron schedule (*/15 * * * *) and is not set to always:true. It does not request system-wide config changes or other skills' credentials. Autonomous invocation is allowed (platform default) but not unusual here.
