ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AMLClaw

v2.0.0

AI-powered crypto AML compliance toolkit. Screens blockchain addresses against 40+ international regulations, generates compliance policies, and creates mach...

0· 194·0 current·0 all-time
by@npc7
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, rulesets, policies, and Python scripts all match an AML/compliance screening toolkit: screening addresses, generating rules, and producing policies. The included defaults and large regulatory reference set are coherent with the stated purpose. Minor provenance concern: registry lists 'source: unknown' and no homepage even though README references a GitHub repo.
Instruction Scope
Runtime instructions direct the agent to run local Python scripts, read/write rules.json, read large reference documents, and generate reports — all expected for this skill. The SKILL.md also allows WebSearch and instructs copying a default ruleset into the working directory (which may overwrite an existing ./rules.json). The SKILL.md explicitly mentions TrustIn KYA API usage (desensitized data by default) and advises setting TRUSTIN_API_KEY for full data; however the registry metadata does not declare any required env vars. That mismatch (code/README/SKILL.md referencing an API and .env while registry declares no creds) is notable.
Install Mechanism
No formal install spec in the registry (instruction-only), but files include requirements.txt and the Quick Start recommends pip install requests and python-dotenv. Absence of a registry-level install step is low technical risk but surprising; users should manually inspect requirements.txt and the Python scripts prior to running. No remote binary downloads or obscure URLs were shown in the manifest.
!
Credentials
Registry declares no required environment variables or primary credential, yet README and SKILL.md reference an optional TRUSTIN_API_KEY and use of a .env (python-dotenv). The codebase contains scripts/trustin_api.py which likely makes network calls to TrustIn endpoints; this implies optional credential usage and network I/O not declared in the registry metadata. The undeclared potential for network calls and optional API key means environment/credential access is under-specified and should be verified before use.
Persistence & Privilege
Skill is not set to always:true and does not request elevated system persistence. Instructions only write/overwrite files under the skill workspace (e.g., copying defaults/rulesets to ./rules.json, writing ./reports/). No evidence of modifying other skills or system-wide config in the provided files.
What to consider before installing
This repo appears to be a plausible AML screening toolkit, but take these precautions before installing or running it: - Review scripts/trustin_api.py and scripts/run_screening.py to confirm what external endpoints are called and what data they send. Network calls to third-party services are core to function but you should be sure you trust the endpoint. - Because README/SKILL.md mention TRUSTIN_API_KEY and .env, expect the code to accept an API key; the registry metadata did not declare it — treat any API key as sensitive and only provide it after code review. - Back up or inspect any existing ./rules.json before running: the skill will auto-copy a default ruleset into the working directory which can overwrite local configuration. - Verify provenance: 'source: unknown' and no homepage reduce supply-chain confidence. If possible, prefer installing from a verified upstream repository or run the code in an isolated/sandbox environment first. - If you plan to use it with real customer or production data, have a compliance/security engineer audit the code (especially network code and any logging) to ensure no accidental exfiltration of PII or secrets. If you want, I can (1) list the exact files and functions to inspect for network/callouts, (2) summarize what scripts/trustin_api.py appears to do, or (3) show how to run the tool in a safe sandboxed environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b2tseskvk27nq4n9ws7z9h582qjyv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments