Crypto Cog
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A research task may continue through the external CellCog agent after launch and then notify the session when complete.
The skill instructs the user to hand a broad research prompt to CellCog in agent mode, including an asynchronous OpenClaw workflow. This is central to the skill's purpose, but it is still delegated agent activity.
**OpenClaw (fire-and-forget):** result = client.create_chat(... notify_session_key="agent:main:main", ... chat_mode="agent")
Use explicit, bounded prompts and avoid asking the delegated agent to perform account, trading, or wallet actions unless those actions are separately reviewed and approved.
Installing or using the skill requires access to a CellCog account credential.
The skill requires a CellCog API key, which is expected for using the CellCog service. The provided artifacts do not show misuse, leakage, or unrelated use of the credential.
requires: bins: [python3] env: [CELLCOG_API_KEY]
Provide only a CellCog API key intended for this service, keep it out of prompts and shared files, and revoke it if you stop using the skill.
The security of actual execution depends partly on the external CellCog dependency that is not included in this artifact set.
The instruction-only skill depends on the external CellCog SDK/package, but the provided artifact does not include version pinning or package provenance. This is purpose-aligned, not evidence of malicious behavior.
dependencies: [cellcog] ... from cellcog import CellCogClient
Install the CellCog dependency only from the official source, prefer pinned versions where available, and review the separate CellCog skill or package documentation before use.
Portfolio allocations, wallet-related questions, and other private crypto research details may leave the local agent context and be handled by CellCog.
The skill sends user prompts to CellCog, and the example prompts include portfolio analysis. That means sensitive financial or wallet-related details may be processed by the external provider.
client.create_chat(prompt="[your task prompt]", ...) ... "Analyze my portfolio: 50% ETH, 20% SOL, 15% LINK, 10% ARB, 5% PEPE"
Do not include seed phrases, private keys, exchange passwords, or unnecessary personally identifying financial details in prompts; review CellCog's data handling terms if privacy is important.