Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DeFi Yield Monitor

v1.1.0

Monitor DeFi lending and savings positions across Aave v3, SparkLend, Spark Savings, and Kamino with balances, APYs, health factors, and yield tracking.

by Reed (@reed1898)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (DeFi yield monitor) match the included scripts and config template: wallet addresses, protocols, APY/health-factor tracking are coherent. However the SKILL.md calls the project 'self-contained' yet the package lacks the primary runtime (main.py) and depends on cloning https://github.com/reed1898/defi-yield-monitor at setup — a contradiction between 'self-contained' and an external dependency.
Instruction Scope
Instructions tell the agent/user to run the provided setup/run scripts and to edit config with wallet addresses (expected). They also suggest automated delivery to Telegram/Discord but do not declare any required tokens or webhook fields in the skill metadata; the actual code that implements delivery (likely in the cloned repo's main.py) is not included for review. The run script probes system state (runs lsof via grep to auto-detect local proxies), which reads process/listening-port info outside the skill workspace.
Install Mechanism
There is no formal install spec in the registry, but scripts/setup.sh clones a GitHub repository and installs Python packages into a virtualenv. Cloning and then executing arbitrary code from a remote repo at setup/run time is a moderate risk: the source is a GitHub URL (better than an arbitrary paste/IP), but it still means code not shipped with the skill will be downloaded and executed on install.
Credentials
The skill declares no required environment variables or credentials (and no primaryEnv), which fits 'public endpoints/no API keys'. However SKILL.md mentions delivering reports to Telegram/Discord (which normally require tokens/webhooks) but the skill metadata doesn't request or document any such credentials — a mismatch that may lead the runtime code to prompt for or read sensitive tokens from config or other environment variables not disclosed here.
Persistence & Privilege
The always flag is false, and the setup only creates a repo clone and a local virtualenv under the user's workspace, which is expected for this type of tool. There is no evidence the skill tries to modify other skills or system-wide settings. The run script's use of lsof inspects system processes, which is noteworthy but not a privilege escalation.
What to consider before installing
This skill is suspicious rather than clearly benign because the package omits the main runtime and instead fetches code from a GitHub repo at setup time. Before installing or running it:
1) Review the remote repository (https://github.com/reed1898/defi-yield-monitor) and its main.py to confirm exactly what network calls, webhooks, and data accesses it performs.
2) Check config.example.json to see if it expects Telegram/Discord tokens or other secrets; do not paste private keys or API tokens until you verify how they are stored and used.
3) Consider running the setup and the tool in a sandboxed environment (container or VM) and inspect the code that will run.
4) Be aware the run script may probe local processes to auto-configure proxies (uses lsof) — if you run it on a system with local proxy services, the skill will route traffic through them.
5) If you do not trust the remote repo owner, do not run the setup script; ask the skill author to include the runtime code in the package or provide a vetted release.
Additional useful info that would raise confidence: a packaged main.py for review, explicit declared env vars for any webhooks, and a signed/release-tagged GitHub repository with a reproducible install path.

