Bsc Dev Monitor Skill

Warn. Audited by ClawScan on May 10, 2026.

Overview

The BSC monitoring purpose is plausible, but the package exposes hardcoded platform and payment credentials, bundles an unsafe deployment helper, and describes its billing inconsistently.

Do not run the deployment scripts or install this as-is. Ask the maintainer to rotate exposed credentials, remove passwords and API keys from the package, use environment-managed secrets, and clarify billing plus safety-feature status before using the monitor.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone who can view the package could attempt to use the exposed account credential or alter/publish skills under that account.

Why it was flagged

The deployment guide publishes a real-looking ClawHub account password in the package. This credential is not needed for users to monitor BSC wallets and could allow account misuse.

Skill content

Email: `hefang080@gmail.com`; Password: `[REDACTED]`

Recommendation

Remove all account passwords from the skill package, rotate the exposed credential, and use a private secret manager or user-specific OAuth/token flow for deployment.

What this means

The payment integration could be abused or broken if the exposed key is reused, revoked, or tampered with.

Why it was flagged

The runtime code embeds a payment API key and uses it for payment links and authorization. This exposes provider authority to anyone receiving the skill.

Skill content

const SKILLPAY_CONFIG = { apiKey: '[hardcoded sk_... key]', price: '0.01', currency: 'USDT' }

Recommendation

Treat the key as compromised, rotate it, and load payment/API secrets from protected environment variables or platform-managed credentials rather than committed files.

What this means

Running the helper could mutate a ClawHub account or publish/upload code unintentionally.

Why it was flagged

If invoked, the helper logs in with bundled credentials, reads a local ZIP, and uploads a skill package. That high-impact publishing action is outside the normal BSC monitoring purpose and has no separate confirmation step.

Skill content

const loginSuccess = await login(); ... await uploadSkill(); ... path: '/api/skills/upload'

Recommendation

Do not run bundled deployment helpers from an installed skill. Keep deployment automation outside the user-facing package and require explicit authenticated publisher approval.

What this means

Users may approve monitoring without understanding the actual fee or charging trigger.

Why it was flagged

The same user-facing artifact presents different billing modes and amounts, so a user cannot reliably tell when or how much they will be charged.

Skill content

price: 0.01 ... billing_mode: per_call ... later examples use billing_mode: per_detection and amount: "0.001"

Recommendation

Publish one clear billing model and price across SKILL.md, README, code, and payment configuration before users install or invoke the skill.

What this means

Users may rely on advertised safety filtering that may not actually be implemented.

Why it was flagged

The project summary marks safety detection and history features as unfinished, while the main skill description advertises safety checks/history support. This can overstate protection for trading decisions.

Skill content

- [ ] Safety detection (honeypot detection) ... - [ ] Monitoring history

Recommendation

Clearly label unfinished safety/history features as unavailable, or provide reviewed code/tests showing they are implemented before advertising them.

What this means

A webhook endpoint can learn which wallets and token events the user is monitoring.

Why it was flagged

Webhook delivery is disclosed and purpose-aligned, but it sends monitored event details and billing metadata to an external URL supplied in configuration.

Skill content

"webhook_url": "https://your-server.com/webhook" ... the system pushes events automatically

Recommendation

Use only trusted webhook URLs, avoid sharing sensitive trading strategies unnecessarily, and rotate webhook secrets if exposed.

What this means

A continuous monitor can keep making network calls and sending notifications until it is stopped.

Why it was flagged

The skill can run a monitor continuously when duration is set to 0. This is expected for a monitoring tool, but it is persistent activity that should be deliberate.

Skill content

"duration": 86400  // monitor for 24 hours; 0 means continuous monitoring

Recommendation

Prefer finite durations unless continuous monitoring is intended, and use the documented stop action to end monitors.