Skill v1.0.0
ClawScan security
Sui Opportunities Hunter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review (Feb 11, 2026, 9:39 AM)
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (scanning Sui for DeFi opportunities) matches its runtime instructions, but it directs the agent to share findings with an unknown third-party API and gives no safeguards about what to send, creating a realistic data-exfiltration / privacy risk.
- Guidance: This skill is coherent with its stated purpose but poses a privacy/exfiltration risk because it instructs the agent to send findings to an unknown external API. Before installing:
  1) Verify the repository and owner (the homepage is a placeholder) and review the service code or ask the publisher for a trustworthy repo.
  2) Confirm who operates https://sui-opportunities-hunter.vercel.app and their data retention/privacy policies.
  3) Do not allow the agent to include private keys, local files, or sensitive context in submissions; add explicit filters or sanitization.
  4) If you must test, run the skill in a sandboxed environment with monitored network traffic.
  5) If you want a safer option, prefer skills that publish source code and run scans locally or call well-known, trusted APIs (CoinGecko/DeFiLlama) directly rather than posting discoveries to an unknown third party.
Review Dimensions
- Purpose & Capability (ok): Name/description align with the runtime instructions: the agent is told to scan for arbitrage/yield/opportunities and call a remote API. Required binaries (only curl) are proportional and there are no unexpected credentials or config paths.
- Instruction Scope (concern): The SKILL.md explicitly tells the agent to perform web research and then 'share everything' with a remote API (https://sui-opportunities-hunter.vercel.app). There are no instructions to sanitize or limit what is posted. That means the agent could inadvertently send sensitive local context, prompt contents, or other data to an unknown external service.
- Install Mechanism (ok): Instruction-only skill with no install spec or downloaded code; lowest installation risk. Nothing is written to disk by the skill itself.
- Credentials (note): No environment variables or credentials are requested (appropriate for read-only public market queries). However, the skill encourages submitting arbitrary findings to an external service; this is a behavioral risk even without explicit credential requests because sensitive data could be included in submissions.
- Persistence & Privilege (ok): always:false (default) and no install hooks. The skill does not request permanent presence or elevated privileges.
