Skill v1.0.3

ClawScan security

AgentCanary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 22, 2026, 12:14 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (market intelligence API) matches its instructions and it requests no elevated system access, but there are marketing/metadata inconsistencies and practical risks around payment and API key handling that a user should review before using.
Guidance
This skill appears to be what it claims: an API-only market intelligence service. Before installing or using it, verify the operator and domain (visit agentcanary.ai from a trusted browser), and prefer depositing only a small test amount if you decide to fund an account. Confirm how your agent/runtime will store and send the apiKey so that the key is not exposed in LLM prompts, logs, or transcripts (use a secure secrets store or the platform's secure tool integration). The SKILL.md mentions a VirusTotal link and provides website links despite the registry metadata saying 'source: unknown' — consider asking the publisher for provenance (owner identity, company, or GitHub repo) and for API usage examples in your runtime environment before committing significant funds or automation.

Review Dimensions

Purpose & Capability
ok
The SKILL.md describes an API-only market-intelligence service and the runtime instructions are limited to calling HTTPS endpoints under api.agentcanary.ai; there are no unrelated binaries, config paths, or environment variables requested. The resources the skill asks for (none) are proportionate to the described purpose.
Instruction Scope
note
Instructions stick to HTTP API calls and describe endpoints and polling patterns. Two practical concerns: (1) the service uses apiKey as a query parameter (apikey=YOUR_KEY) — the skill claims 'No secrets in prompt' but callers must ensure API keys are not injected into the LLM prompt or logs; how keys are supplied at runtime is not specified. (2) The onboarding requires making crypto deposits to a receiving address on external chains — depositing funds to an unfamiliar service carries financial and operational risk and is not something the agent can do on its own.
Install Mechanism
ok
No install spec and no code files are present (instruction-only). Nothing will be written to disk by the skill itself; this is the lowest-risk install mechanism.
Credentials
ok
The skill declares no required environment variables, no primary credential, and no config paths. That is consistent with an API-only skill that expects externally created API keys. There are no unexplained credential requests.
Persistence & Privilege
ok
The skill is not set to always:true and uses normal autonomous invocation defaults. It does not request persistent system-level privileges or modify other skills' configs according to the provided metadata.