Skill v1.0.10

ClawScan security

sol-bsc-dev-monitor-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 6, 2026, 3:59 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code generally matches a monitor-only BSC/Solana description, but there are clear inconsistencies, embedded billing credentials, and several buggy/incomplete pieces that make the package suspicious and worth manual review before use.
Guidance

Things to consider before installing or running this skill:

- Do not run it on systems holding private keys or production wallets until you have audited it locally: the author embeds a SkillPay API key in the source, which is sensitive and unusual.
- The README and SKILL.md tell the agent to run node index.js for billing and auto-charge operations, but index.js is missing, so the advertised billing/auto-charge flow appears incomplete or broken. Ask the author for the missing file or an explanation before using any billing feature.
- The billing API key (an sk_* value) is hardcoded in billing.js and billing-final.js and in the SKILL.md frontmatter. If you plan to use this package, remove or rotate that key and configure billing through environment variables or your own billing account.
- Several code paths look buggy (Solana transaction parsing and some counters). These are likely to cause false negatives, false positives or runtime errors rather than direct exfiltration, but review and test them in an isolated environment first.
- Outbound calls to skillpay.me, the configured RPC endpoints and public DEX sites are expected; review those endpoints and decide whether they are acceptable for your environment.
- If you want to proceed: run the skill in an isolated VM or container with no secrets, supply the missing index.js or disable the billing calls, and inspect or remove the embedded API key. If you cannot verify the missing pieces or the provenance of the API key, do not use it for real monitoring or billing.

Review Dimensions

Purpose & Capability
note: The stated purpose, monitor-only for BSC and Solana, is broadly consistent with the provided monitoring scripts (index-bsc.js and index-sol-safe.js). Billing-related files exist (billing.js / billing-final.js), which is reasonable given that SKILL.md describes paid per-call usage. However, SKILL.md and the README reference an index.js for billing/auto-charge operations, and no index.js exists in the file manifest: a missing file that breaks the advertised billing/auto-charge flow.
Instruction Scope
concern: SKILL.md instructs the agent to call node index.js for balance, payment and monitor-with-auto-charge actions, but index.js is absent. The SKILL.md frontmatter includes a billing API key and explicit per-call billing configuration, and the code does perform outbound billing requests to skillpay.me using a hardcoded API key. The monitoring instructions themselves only read public blockchain data and local logs, consistent with the monitor-only claim, but the missing index.js and the embedded API key are scope and operational inconsistencies that need resolution.
Install Mechanism
ok: This is an instruction/code-only skill with no install spec. Dependencies are standard JS libraries (ethers, @solana/web3.js, axios). No remote downloads or archive extraction appear in the manifest, so install risk is low. Because code files are present, running npm install will pull the public packages listed in the README.
Credentials
concern: The skill declares no required environment variables, yet the repository and SKILL.md embed a billing API key (skillpay) directly in code and frontmatter. Embedding a secret/API key in published code is poor practice and increases risk: that key could be used by the author or anyone with the package to call the billing API. Apart from billing, the skill does not request private keys or unrelated credentials, which matches the monitor-only claim.
Persistence & Privilege
ok: No elevated platform privileges are requested (always:false). The skill does not claim to modify other skills or system-wide settings. It writes logs and detection JSON files to local directories (logs-*/, detections-*/), which is expected for a monitoring tool.