Skill v0.1.1

ClawScan security

Crunch Coordinate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 18, 2026, 8:03 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are coherent with its stated purpose (driving the crunch-cli to manage coordinators, crunches, staking, etc.), with only minor notes about installation and a Python vs Node package mention to double-check before installing.
Guidance
This skill appears to do what it says: translate user prompts into crunch-cli commands. Before installing or using it:
1) Verify the npm package @crunchdao/crunch-cli on the official npm site (author, weekly downloads, repository) to ensure you’re installing the intended project.
2) Confirm the Python package mention (pip install crunch-cli) — it may be a separate package required only for model/simulation commands; only install if you need those features.
3) Keep your Solana wallet keypair private: supply the wallet path explicitly when asked, and do not let the agent search for or reveal the file.
4) Require explicit user confirmation for any command that deposits, withdraws, stakes, delegates, or otherwise moves funds; consider testing on devnet first (use -n devnet and --dry-run) to avoid accidental financial transactions.
5) Prefer to run installations yourself (npm install -g) rather than granting the agent permission to install global packages automatically.

Review Dimensions

Purpose & Capability
ok
Name/description (manage Crunch coordinators/competitions/staking via crunch-cli) matches the runtime instructions: it maps natural language to crunch-cli commands and expects the @crunchdao/crunch-cli npm package and a Solana wallet keypair for on-chain operations. No unrelated credentials or system-wide access are requested.
Instruction Scope
note
Instructions are narrowly scoped to generating and executing crunch-cli commands and managing ~/.crunch/config.json via the CLI. The skill explicitly forbids reading/displaying wallet keypair files and searching the filesystem for wallets, which is good. Note: the agent will run CLI commands that themselves access wallet files and network RPCs to sign/send transactions — this is expected for on-chain operations but means the agent can trigger real financial actions if allowed to execute commands.
Install Mechanism
note
There is no built-in install spec in the registry bundle (instruction-only). The SKILL.md directs global npm install of @crunchdao/crunch-cli (official npm registry) which is proportionate. It also notes a Python package for model commands (pip install crunch-cli) — this dual Node/Python packaging is plausible but worth verifying (two different packages named similarly). No downloads from unknown URLs or archive extraction are present.
Credentials
ok
The skill requests no environment variables or external secrets. It legitimately requires a user-controlled Solana wallet keypair file and uses ~/.crunch/config.json for profiles; both are proportional to the CLI’s purpose. The SKILL.md's admonition to never read/display wallet contents is appropriate. Confirm the agent will only use the wallet path you provide and will ask before installing or performing on-chain transactions.
Persistence & Privilege
ok
The skill is instruction-only, does not request always:true, and does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) — note that this means the agent could autonomously run commands that perform transactions if given permission, so consider restricting autonomous capabilities or requiring user confirmation for financial actions.