Skill v1.1.0
ClawScan security
Ripe Scanner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 13, 2026, 6:44 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill mostly matches its stated functionality, but there is a clear mismatch: SKILL.md/metadata claim "No API keys required" while the included script attempts to use an external Tavily API key (TAVILY_API_KEY) for Reddit sentiment — this unexplained credential requirement and external service call warrant caution.
- Guidance: Key things to consider before installing:
  - The README/SKILL.md claim "No API keys required," but the bundled script can use a TAVILY_API_KEY to query a third-party (Tavily) for Reddit sentiment. That credential is not declared in the skill metadata — only provide it if you trust the Tavily service and the skill's author.
  - If you do NOT set TAVILY_API_KEY, Reddit sentiment calls will silently be disabled (the code returns None), but StockTwits and yfinance calls will still make outbound network requests.
  - The skill writes data to ~/.openclaw/workspace/memory/ripe_scanner and /tmp; snapshots may include symbol lists and scraped social results. Review those files if you run the skill.
  - Source/homepage are unknown — consider reviewing the full script locally (scripts/ripe-scan.py) for any additional network endpoints or unexpected behavior before running.
  - If you want to be cautious: run the skill in a sandboxed environment or network-restricted container, or remove/inspect the Tavily call before use. If you need safer behavior, ask the author to declare TAVILY_API_KEY in metadata and document when it will be used.
Review Dimensions
- Purpose & Capability: concern. Name/description (momentum + social sentiment scanner) aligns with the code's behavior (yfinance technicals, StockTwits, Reddit). However, SKILL.md and README repeatedly state "No API keys required," yet the script includes logic to call an external Tavily API using TAVILY_API_KEY for Reddit sentiment. That environment secret is not declared in the skill metadata and contradicts the 'no API keys' claim.
- Instruction Scope: concern. Runtime instructions tell the agent to run the bundled Python script and save snapshots under ~/.openclaw/workspace/memory/ripe_scanner — that's expected. The script makes external network calls (Wikipedia, yfinance/Yahoo, StockTwits, and optionally Tavily) and writes cache/snapshots to the user's home area. The hidden/undeclared use of a third-party Tavily endpoint for Reddit sentiment expands the instruction scope beyond what's promised and is not surfaced in the SKILL.md metadata.
- Install Mechanism: ok. This is effectively an instruction-only skill with an included Python script; there is no package download or install spec beyond asking the user to pip install yfinance,pandas,numpy. No installer URLs or archive extraction are used.
- Credentials: concern. Registry metadata declares no required env vars, but the script checks for TAVILY_API_KEY (and will call Tavily if present). That is an undeclared credential requirement. Aside from that, no unrelated credentials (AWS, GCP, tokens) are requested; persistence is limited to files under the OpenClaw workspace and /tmp.
- Persistence & Privilege: ok. The skill is not force-included (always:false). It writes snapshots and cache under ~/.openclaw/workspace/memory/ripe_scanner and /tmp, which is consistent with its functionality. Autonomous invocation is allowed by default (normal for skills) — nothing in the package requests system-wide changes or other skills' configs.
