Skill v0.1.0
ClawScan security
Wallet Overview · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious, Mar 9, 2026, 6:06 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions are coherent with a wallet-inspection purpose, but it depends on the 'fdx' CLI while the skill metadata does not declare that binary or a source/homepage—this mismatch and the unknown origin warrant caution.
- Guidance: This skill's runtime is entirely based on the 'fdx' CLI, but the package metadata doesn't declare that requirement or a trusted source/homepage. Before installing or invoking:
  1. Verify you have a legitimate 'fdx' binary from a trusted source (inspect its origin, publisher, and code if possible).
  2. Run the same fdx commands (fdx status, fdx call getMyInfo, fdx call getWalletOverview) manually to see what data is returned and where credentials are stored.
  3. Be aware that fdx's authentication may expose wallet keys or tokens to anything that can run the CLI—only use this skill if you trust the fdx client and the skill owner.
  4. Prefer skills with a documented homepage/source and declared binary requirements; contact the publisher or avoid installing if the origin remains unknown.
Review Dimensions
- Purpose & Capability (concern): SKILL.md repeatedly calls the 'fdx' CLI (fdx status, fdx call getWalletOverview, getAccountActivity, getMyInfo), yet the registry metadata lists no required binaries and there is no homepage/source. A wallet overview skill legitimately needs a wallet client/CLI, so requiring 'fdx' is expected — but the metadata should declare that requirement and identify where 'fdx' comes from.
- Instruction Scope (ok): The runtime instructions are narrowly scoped to executing specific 'fdx' commands to check auth, profile, balances, and transactions. They do not instruct reading arbitrary files or sending data to external endpoints beyond what the 'fdx' CLI performs. The skill does reference an external 'authenticate' skill for login handling.
- Install Mechanism (ok): Instruction-only skill with no install steps and no code files — lowest install risk. However, absence of an install spec means it relies on an existing 'fdx' binary being present (not declared in metadata).
- Credentials (note): The skill declares no environment variables or credentials, which matches the instructions. However, it relies on 'fdx' authentication state (presumably stored by the 'fdx' CLI) which may grant access to wallet keys or tokens outside this skill. That credential access is plausible for a wallet tool but is not surfaced in the metadata.
- Persistence & Privilege (ok): The skill is user-invocable, not always-enabled, and does not request persistent system-wide privileges in the metadata or instructions. It does not attempt to modify other skills or global agent settings.
