Skill v1.0.0
ClawScan security
BTC Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 22, 2026, 6:27 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's stated purpose (fetch Binance 15m candles and compute EMA/RSI) is plausible, but the runtime instructions expect a local Python script at a hardcoded path while the skill package provides no code or install steps — that's an incoherence you should not ignore.
- Guidance: Do not enable or run this skill until you can verify the analyze.py it intends to execute. The SKILL.md tells the agent to run a local Python script at a hardcoded path, but the package contains no code or install instructions — that means the agent would run whatever is present at that path on your machine. Ask the skill owner for the source repository or an install script, or request that the skill bundle its analyze.py (or provide a trustworthy install step). If you must test it, inspect the file ~/.npm-global/lib/node_modules/openclaw/skills/btc-analyzer/analyze.py manually before allowing the skill to execute it, and review it for network calls, shell execution, or secret access. If you cannot inspect the file or obtain a trusted source, avoid installing this skill.
Review Dimensions
- Purpose & Capability (note): The declared capability (fetch BTCUSDT 15m candles from the Binance public API and compute EMA20/RSI14) aligns with requiring python3 and making public REST calls to Binance. However, the SKILL.md expects a local script at ~/.npm-global/lib/node_modules/openclaw/skills/btc-analyzer/analyze.py to perform the work, while the skill package contains no code or install spec to place that script there. That mismatch is unexplained.
- Instruction Scope (concern): The runtime instructions explicitly tell the agent to run a local Python script at a hardcoded path and parse its JSON output. The skill text only references the Binance public API (which is fine), but because the script is not included, the agent would either fail or attempt to execute whatever file exists at that path on the host — which could be any arbitrary code. The instructions do not provide safe fallback behavior or a way to obtain/inspect the script prior to execution.
- Install Mechanism (concern): There is no install spec or bundled code, yet the instructions assume the analyzer script lives under ~/.npm-global/lib/node_modules/…, suggesting an npm/global install that never occurs in this package. This gap is a red flag: running an assumed-but-unprovided local binary/script is incoherent and could lead to execution of unknown code if a file exists at that location.
- Credentials (ok): The skill requests no environment variables or secrets and only requires python3. It makes network calls to the Binance public API (no API key required), which is proportional to the stated purpose. There are no additional, unexplained credential or config demands.
- Persistence & Privilege (ok): The skill does not request always: true and makes no claims about modifying other skills or system-wide settings. It is user-invocable and allowed to be called autonomously by default, which is normal for skills; that alone is not concerning here.
