Bsc Dev Monitor Skill

Anyone who can view the package could attempt to use the exposed account credential or alter/publish skills under that account.

The deployment guide publishes a real-looking ClawHub account password in the package. This credential is not needed for users to monitor BSC wallets and could allow account misuse.

The payment integration could be abused or broken if the exposed key is reused, revoked, or tampered with.

The runtime code embeds a payment API key and uses it for payment links and authorization. This exposes provider authority to anyone receiving the skill.

Running the helper could mutate a ClawHub account or publish/upload code unintentionally.

If invoked, the helper logs in with bundled credentials, reads a local ZIP, and uploads a skill package. That high-impact publishing action is outside the normal BSC monitoring purpose and has no separate confirmation step.

Users may approve monitoring without understanding the actual fee or charging trigger.

The same user-facing artifact presents different billing modes and amounts, so a user cannot reliably tell when or how much they will be charged.

Users may rely on advertised safety filtering that may not actually be implemented.

The project summary marks safety detection and history features as unfinished, while the main skill description advertises safety checks/history support. This can overstate protection for trading decisions.

A webhook endpoint can learn which wallets and token events the user is monitoring.

Webhook delivery is disclosed and purpose-aligned, but it sends monitored event details and billing metadata to an external URL supplied in configuration.

A continuous monitor can keep making network calls and sending notifications until it is stopped.

The skill can run a monitor continuously when duration is set to 0. This is expected for a monitoring tool, but it is persistent activity that should be deliberate.