Skill v1.0.0
ClawScan security
CoinGecko Price · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 24, 2026, 1:37 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements match its stated purpose (querying CoinGecko), it does not request credentials or unrelated system access, and the runtime actions are limited to HTTP calls to the CoinGecko API.
- Guidance: This skill appears coherent and limited to querying CoinGecko's public API. It does make outbound HTTPS requests to api.coingecko.com (the script uses urllib) and includes a custom User-Agent string; those network calls are expected for this functionality. Because the source/homepage is unknown, if you require a higher assurance level you may: (1) review the provided script locally before running, (2) run it in an isolated environment if you are cautious, and (3) be aware of CoinGecko rate limits and that results are for reference only (not financial advice).
Review Dimensions
- Purpose & Capability: ok. Name/description, SKILL.md instructions, and the included Python script all consistently implement a CoinGecko price/query tool. No unrelated services, binaries, or credentials are requested.
- Instruction Scope: ok. SKILL.md instructs running the included script with clear commands (search/get/top). The instructions and script only fetch data from api.coingecko.com and do not reference or read other system files, environment variables, or external endpoints.
- Install Mechanism: ok. There is no install spec; this is instruction-only plus a bundled Python script. No downloads, package installs, or archive extraction are performed by the skill.
- Credentials: ok. The skill declares no required environment variables or credentials and the script does not read secrets or config files. Network access to api.coingecko.com is the only external requirement and is proportionate to the purpose.
- Persistence & Privilege: ok. The skill does not request always:true and does not modify agent/system configuration. It runs only when invoked and does not persist or request elevated privileges.
