Prism Scanner
Pass
Audited by ClawScan on May 1, 2026.
Overview
The skill is a small token-risk scanner that sends the requested token to a disclosed PRISM API; its notable issues are dependency/version/documentation clarity rather than evidence of malicious behavior.
This appears safe to install as a user-invoked scanner, but understand that scans are sent to the configured PRISM API, curl and jq are needed even though not declared, and the output should not be treated as financial advice or a complete audit.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Token symbols or contract addresses you scan are shared with the configured PRISM API endpoint.
The scanner uses curl to send the user-supplied token or address to an external PRISM API. This is disclosed and purpose-aligned, but users should know their queried tokens are sent to that service.
analyze=$(curl -s "$PRISM_URL/analyze/$TOKEN")
copycat=$(curl -s "$PRISM_URL/analyze/copycat/$TOKEN")
Use the default endpoint only if you trust the PRISM service, and avoid scanning private or sensitive watchlist data if that matters to you.
The skill may fail at runtime unless curl and jq are installed, despite the registry saying no binaries are required.
The runnable script depends on both jq and curl, while the registry requirements declare no required binaries. This is a setup/documentation gap rather than evidence of hidden behavior.
risk_score=$(echo "$analyze" | jq -r '.risk_score // 0')
Before using it, confirm curl and jq are available, and the publisher should declare these requirements in metadata.
It may be harder to tell exactly which package version you are reviewing or installing.
The bundled skill.json version differs from the registry version 1.1.2 and SKILL.md version 1.1.1, creating a minor provenance/versioning inconsistency.
"version": "1.0.0"
The publisher should align version numbers across registry metadata, SKILL.md, and skill.json.
Users may believe the local script directly performs every documented check, when the included implementation actually makes fewer API calls and relies on the provider's returned summary.
The documentation lists holder and rebrand endpoints, but the included script only calls /analyze and /analyze/copycat. The skill also includes DYOR/not-financial-advice warnings, so this is a capability clarity issue rather than deception.
| Holder Concentration | `/analytics/holders` | Medium |
| Rebrand History | `/analyze/rebrand` | Info |
Treat the output as a PRISM API summary, not a complete independent rug-pull audit, and verify important results with other sources.
