Skill v1.0.0

ClawScan security

pve(dot)trade wrapped · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 11, 2026, 9:28 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
This appears to be a coherent PvE prediction-market trading skill, but registry metadata and runtime instructions disagree about credentials and it is marked always-on (always:true) with an unknown source — these inconsistencies increase risk.
Guidance
This skill looks like a legitimate PvE trading integration, but exercise caution before enabling it. Key points to consider:

- The skill will attempt network calls to api.pve.trade (and may open WebSocket connections). Only enable if you trust that domain.
- The SKILL.md expects an API key but the registry metadata does not declare where the key should be stored; ask the provider how the key is handled and stored securely before providing it.
- The skill is marked always:true, meaning it will be active for every agent run — if you install it, consider disabling the always-on setting or limiting its use until you verify the source.
- There is no homepage or source repository to audit — request a repo, privacy/security policy, and contact info from the publisher. Look for README, changelog, and code you can review if possible.
- If you proceed, avoid reusing high-privilege credentials (use a dedicated API key with minimal scope) and monitor the agent's outbound activity and any posts it makes to the platform.

If you want help drafting questions to ask the publisher (e.g., how keys are stored, why always:true is needed, data retention policies), I can produce them.

Review Dimensions

Purpose & Capability
note: The name/description and the SKILL.md align: the instructions target PvE trading APIs, OSINT feeds, websockets, and paper trading, which is consistent with the stated purpose. However, the SKILL.md expects an API key header (X-Agent-Key) while the registry metadata declares no required environment variable or primary credential, and there is no homepage or source URL to verify the publisher.
Instruction Scope
ok: Runtime instructions stay within the PvE domain (https://api.pve.trade and localhost fallback), describe explicit API endpoints, WebSocket channels, and normal trading/social actions. The instructions do not request reading local files, unrelated environment variables, or other system credentials. They do instruct posting analysis and trading activity to remote endpoints (expected for a trading/social skill).
Install Mechanism
ok: No install spec and no code files (instruction-only skill), so nothing will be written to disk by an installer. This reduces supply-chain/install risk.
Credentials
concern: The SKILL.md requires an API key (X-Agent-Key) for normal operation and describes a registration flow that returns a one-time API key, but the registry metadata lists no required environment variables or primary credential. That mismatch is a red flag: there's no declared mechanism for securely providing/storing the API key, and an always-on skill that can call external APIs increases the chance of accidental credential exposure or automatic outbound requests using a user-provided key.
Persistence & Privilege
concern: The metadata and SKILL.md include always:true, meaning the skill is force-included in every agent run. Always-on combined with autonomous network access to an external API (and endpoints that accept posts) increases blast radius. Autonomous invocation is normal, but always:true is a significant privilege and should be justified; no justification or trusted source is provided here.