ClawHub

Web3Tech

v1.0.0

Crypto project research, new coin discovery, due diligence, developer analysis, whitepaper validation, code similarity checks, and AI-powered development mon...

0· 44·0 current·0 all-time
byMr. One@one0000u
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the requested credential and behavior. The single required env var is WEB3TECH_API_KEY, which is the expected main credential for a remote research API. There are no unrelated binaries, config paths, or extraneous credentials requested.
Instruction Scope
SKILL.md and reference files confine runtime actions to calling web3tech tool endpoints and following structured research workflows and output templates. Instructions explicitly forbid inventing metrics and require checking server availability. There are no directives to read unrelated local files, other environment variables, or to transmit data to unknown endpoints.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes on-disk execution risk. All runtime behavior depends on calls to the remote MCP server (expected for an API-backed research skill).
Credentials
Only one required environment variable (WEB3TECH_API_KEY) is declared as the primary credential. That is proportionate to the skill's described remote-API purpose. No other secrets or unrelated credentials are requested.
Persistence & Privilege
always is false and model invocation is allowed (the platform default). The skill does not request persistent system-wide privileges or access to other skills' configs. No privileged behavior is present in the files reviewed.
Assessment
This skill appears internally consistent, but it relies on a remote MCP server you must trust. Before installing: verify the Web3Tech provider (review https://web3tech.org, privacy/terms, and reputation); only give the API key the minimal scope needed and rotate/revoke it if you stop using the skill; avoid sending private keys or non-public secrets as part of prompts; monitor API usage for unexpected calls; and be cautious when the agent requests deep developer profiling — validate that only public data is being fetched. If you need higher assurance, request the skill's network endpoints and API specs from the provider or test it in an isolated account/key first.

Like a lobster shell, security has layers — review code before you run it.

latestvk975rej7bh7709wtfhszemc8r5849d69

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis
EnvWEB3TECH_API_KEY
Primary envWEB3TECH_API_KEY

Comments