Skill v1.2.6

ClawScan security

fdfafsfdsafdas · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 29, 2026, 7:12 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's runtime instructions look like a legitimate Bybit trading integration, but multiple metadata inconsistencies and provenance/version mismatches raise concern and merit manual verification before installing.
Guidance
Do not install or provide real API credentials until you verify the skill's provenance. Specific checks: (1) Confirm the skill in the registry actually links to Bybit's official repository/page (the packaged SKILL.md claims https://github.com/bybit-exchange/skills but the registry shows 'Source: unknown' and no homepage). (2) Resolve metadata mismatches (registry says no env vars; SKILL.md requires BYBIT_API_KEY/BYBIT_API_SECRET). Ask the publisher why name/slug/version differ and request a verified publisher badge or signed package. (3) If you proceed, create a dedicated sub-account with minimal balance, grant only Read+Trade (never Withdraw), and enable IP whitelisting; prefer testnet keys first. (4) Inspect package contents yourself or via the platform's verifier for tampering. (5) If you have already installed and used it and suspect inconsistencies, rotate/disable the API key and create a new limited key after confirming the skill's origin.

Review Dimensions

Purpose & Capability
concern: The SKILL.md clearly implements a Bybit trading skill and legitimately requires Bybit API credentials (read+trade). However, the registry metadata above the files lists no required environment variables or primary credential, and the package name/slug (fdfafsfdsafdas) plus 'Source: unknown / Homepage: none' do not match the SKILL.md author/homepage claims (author: Bybit, homepage: https://github.com/bybit-exchange/skills). Version fields also differ (registry shows v1.2.6 while SKILL.md/README show v1.2.5). These provenance and metadata inconsistencies are disproportionate to the stated purpose and are suspicious.
Instruction Scope
ok: The SKILL.md instructions stay within the trading scope: they require API keys from environment variables, call Bybit REST endpoints, perform local HMAC signing, instruct masking of keys, and enforce confirmation rules for mainnet writes. No instructions request unrelated system files or unknown external endpoints beyond the Bybit API. The module-on-demand behavior refers to local files packaged with the skill.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files that would be downloaded or executed at install time. That minimizes install-time risk.
Credentials
concern: The SKILL.md requires BYBIT_API_KEY and BYBIT_API_SECRET (and optional BYBIT_ENV), which are appropriate and proportionate for trading. However, the registry metadata claims no required env vars — a direct contradiction. Also, the package asks for trade-capable API keys (expected), but the provider/registry mismatches mean you should verify the package source before giving it credentials. The skill explicitly warns not to request withdraw permission, which is correct.
Persistence & Privilege
ok: always:false is set and there is no install-time persistence. Autonomous invocation (disable-model-invocation:false) is the platform default; while this gives the skill the ability to act autonomously, it is expected for an agent skill and not in itself an exceptional privilege. The skill does not request system-wide config changes.