Skill v1.0.0

ClawScan security

MemeCoin分析师 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 8, 2026, 8:06 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini

Summary
The skill's functionality (Meme coin analysis) is plausible, but the SKILL.md embeds a payment API key and payment instructions despite declaring no required credentials or install steps and has no clear source — these inconsistencies are suspicious and merit caution.
Guidance
Do not assume this skill is safe just because it has no install or files. Specific things to consider before installing or using it:
- The SKILL.md includes a plaintext API key (sk_...). Treat that as untrusted: do not reuse it and avoid sending private data to endpoints that accept it. Ask the author to confirm the key's purpose and validity or to remove it.
- The skill declares no source/homepage and the owner is unknown; prefer skills with clear authorship and repository links.
- The skill mentions charging 0.001 USDT via SkillPay.me but provides no mechanism the agent will use to bill you; ask how payments are enforced and whether you will be prompted before any charge.
- If you plan to self-host, the README suggests using SKILLPAY_API_KEY as an env var — ensure you supply your own key (never the embedded one) and rotate any real keys you test with.
- Because the skill touches blockchain data/APIs, verify which external APIs (DexScreener, explorers) will be called and whether API keys or rate limits are needed. Confirm privacy expectations (what data is sent to third parties).
- If you want higher assurance, request the skill's source code or a repository, or run it in an isolated environment. If the author cannot provide provenance for the embedded API key or the service, treat the skill as untrusted.
Given these unexplained inconsistencies (embedded secret, payment instructions, unknown origin), proceed with caution or mark the skill as untrusted until provenance and credential handling are clarified.

Review Dimensions

Purpose & Capability
note
The name/description match the instructions (price, indicators, holders analysis). However, the SKILL.md also includes a payment model and a hard-coded SkillPay API key even though the skill declares no required credentials or payment integration — that payment detail is not justified by the declared requirements or provenance.
Instruction Scope
concern
Runtime instructions stay within the stated analysis scope (price and on-chain holder analysis) and reference DexScreener and chain explorers appropriately. But the doc directly exposes an API key (sk_...) and a third-party payment flow (SkillPay.me) in plaintext; that is outside the normal responsibilities of an instruction-only analysis skill and could lead to accidental credential reuse or misuse.
Install Mechanism
ok
No install spec and no code files are present, so nothing will be written to disk or executed by installing the skill. This lowers risk from install-time code execution.
Credentials
concern
The skill declares no required environment variables or credentials, yet the SKILL.md contains an explicit API key and instructs a deployment env var name (SKILLPAY_API_KEY). Hard-coded credentials in the documentation are disproportionate and unexplained and could be a leaked or malicious secret.
Persistence & Privilege
ok
The skill does not request always:true and does not request elevated platform privileges. It is user-invocable and can be called autonomously (platform default), which is expected for skills.