Skill v1.0.0

ClawScan security

Hype Scanner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 6:55 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (a local Node.js hype scanner that uses public APIs and a local Ollama model); nothing obvious is requesting unrelated credentials or installing external binaries, but a few operational assumptions/omissions are worth noting before you run it.
Guidance
This skill appears to do what it claims: polling public market/social APIs, scoring candidates, and using a local Ollama instance for final validation. Before installing:

1) Ensure you run it on a machine with Node.js and a local Ollama instance (the code expects http://localhost:11434 and a specified model); if Ollama is missing, the scanner will fall back to rules.
2) Be aware it writes alerts.json, scanner-state.json, and logs to its directory; run it under a limited user and monitor those files.
3) The SKILL.md's alert delivery (Telegram) is an external step; configure your Telegram token or other notifier securely in your agent/system. The skill does not store or request that token.
4) The Task Scheduler / cron guidance may require stored OS credentials for 'Run whether logged in or not'; consider using a less-privileged scheduled account.
5) If you need higher assurance, provide the full (non-truncated) scanner-ai.js for review and consider running it in an isolated environment (VM/container) while you validate its behavior and network calls.

Review Dimensions

Purpose & Capability
ok: The name/description (crypto/stock hype scanner) align with the included Node.js scanner and SKILL.md. The scanner queries Reddit, CoinGecko, DEXScreener, and StockTwits and calls a local Ollama instance for analysis — these are coherent with the stated purpose. It writes alerts.json/state/log files locally (expected for this task).
Instruction Scope
note: SKILL.md and the code restrict actions to scanning public APIs, local Ollama (http://localhost:11434), and writing alerts/state/logs to the scanner directory. The OpenClaw cron example instructs the agent to read alerts.json and send Telegram messages; the skill itself does not include a Telegram integration or declare Telegram credentials, so the alert-transport step depends on other agent configuration. The provided Windows Task Scheduler instructions run the scanner under the current user and ask to 'Run whether logged in or not' — this implies stored credentials for the scheduler and elevated persistence that users should be aware of.
Install Mechanism
ok: No install spec or external downloads are used — the skill is instruction-only plus a Node.js script that uses built-in Node modules (fs/http/https). That is low-risk from an install-mechanism perspective (nothing arbitrary is downloaded or executed beyond Node itself).
Credentials
note: The skill declares no required environment variables or credentials, and its network calls go to public APIs and localhost Ollama. One mismatch to note: SKILL.md expects alerts to be delivered via Telegram, but the skill does not declare or request Telegram credentials — responsibility for messaging is delegated to the agent/OpenClaw environment. Ensure the Telegram (or other) integration used to forward alerts is configured elsewhere and only accessible with appropriate credentials.
Persistence & Privilege
ok: always:false and no system-wide configuration changes are requested. The scanner writes files (alerts.json, scanner-state.json, scanner-ai.log) in its own directory and relies on a scheduler for periodic execution. It does not modify other skills or agent config in the code shown.