ClawHub

ShieldBot BNB Chain Security Scanner

v1.0.1

BNB Chain security scanner — scan contracts, simulate transactions, detect phishing, investigate deployers, track scam campaigns, and audit wallet approvals...

0· 82·0 current·0 all-time
byRidwan Nurudeen@ridwannurudeen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and SKILL.md: the Python client calls ShieldBot API endpoints to scan contracts, simulate transactions, check phishing, inspect deployers, list campaigns, and audit approvals. Required binaries (python) and the minimal requests dependency are proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to call local Python client scripts that POST/GET user-supplied contract addresses, transaction parameters, wallet addresses, URLs, and free-text questions to the ShieldBot API. That is expected for this product, but it means user-supplied inputs will be sent to an external service. Also the trigger keyword list is broad and could cause accidental activation—consider stricter invocation rules if privacy is a concern.
Install Mechanism
No download-from-URL installs or archive extraction. The only dependency is the well-known 'requests' package declared in requirements.txt; installation via pip is typical and proportional.
Credentials
The skill does not require credentials or sensitive environment variables. It exposes a single optional override SHIELDBOT_API_BASE to point at a different API endpoint. No secret tokens, keys, or config paths are requested.
Persistence & Privilege
The skill does not request always:true or other elevated privileges, and does not attempt to modify other skills or system-wide settings. It runs as an invoked Python client and returns formatted output.
Assessment
This skill appears coherent for a contract/transaction scanner, but it will transmit any addresses, transaction parameters, URLs, and free-text questions you provide to the external ShieldBot API (https://api.shieldbotsecurity.online) which is unauthenticated and may log queries. Before installing: 1) Verify you trust the ShieldBot service and the GitHub source (the SKILL metadata points to an external repo). 2) Never send private keys, seed phrases, or wallet JSON — the skill does not request them but user mistakes could leak them. 3) If privacy/logging is a concern, set SHIELDBOT_API_BASE to a vetted endpoint or avoid sending sensitive identifiers, and consider disabling autonomous invocation or narrowing trigger keywords to avoid accidental calls. 4) Note small implementation quirks (inconsistent param names like chainId vs chain_id) — functionality may need testing. If you need stronger guarantees about where data goes, review and run the included Python client locally or inspect the ShieldBot API/privacy policy first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97194hnp6fb0q3jjqw1t8004583c09w

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
OSWindows · Linux · macOS
Binspython

Comments