Skill v0.1.1
ClawScan security
Bitpanda Official · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 4:07 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it implements a read-only Bitpanda CLI, only needs curl/jq and a Bitpanda API key, and its instructions match the code's behavior.
- Guidance: This skill appears coherent and read-only, but before installing:
  1) Verify the source repository (homepage link) and inspect the full scripts/bitpanda.sh contents locally (the provided manifest content was truncated in places).
  2) Create a Bitpanda API key with the minimum (read-only) scopes and set BITPANDA_API_KEY in a secure environment variable; avoid using a key that allows trades/deposits/withdrawals.
  3) Run the CLI locally first to confirm behavior and outputs.
  4) Protect the API key (don't paste it into chat or share logs); rotate the key if you later remove the skill or suspect exposure.
  If you need higher assurance, ask for the complete script content and a commit history from the repo owner to review changes over time.
Review Dimensions
- Purpose & Capability (ok): Name/description (read-only Bitpanda queries) align with requested requirements: curl, jq, and a single BITPANDA_API_KEY. The code uses the Bitpanda developer API and only reads account data.
- Instruction Scope (ok): SKILL.md instructs the agent to run the bundled bash CLI and the script's runtime actions are limited to calling Bitpanda endpoints, creating temporary files, and local JSON processing. The instructions do not request unrelated files, credentials, or external endpoints beyond developer.bitpanda.com.
- Install Mechanism (ok): No install spec — instruction-only plus a bundled script (no remote downloads or installers). This is low risk: nothing is fetched from unknown URLs during install.
- Credentials (ok): Only BITPANDA_API_KEY is required and is the primary credential; that is proportional for an API-based read-only skill. No other secrets, unrelated service credentials, or config paths are requested.
- Persistence & Privilege (ok): always is false and the skill does not request elevated/persistent system privileges or modify other skills. It runs on demand and only reads environment variables at runtime.
