Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Airdrop Hunter
v1.3.1 · Crypto airdrop farming assistant. Use it when the user wants to learn about airdrop projects, track potential airdrop opportunities, get interaction tutorials, assess airdrop risk, manage multi-account operations, or look up the latest airdrop news. Supports analysis and strategy planning for many airdrop types, including Layer 1/2 chains, DeFi protocols, AI projects and RWA.
⭐ 0 · 90 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The registry summary declares no required environment variables or credentials, but _meta.json and payment.py implement a SkillPay billing integration (price_per_call, SKILLPAY_* env keys), and a billing API key is hard-coded in payment.py. Requiring a billing integration is not inherently wrong, but the declared requirements are inconsistent with the code, and an embedded secret is disproportionate and unexpected for a content/guide-style helper.
Instruction Scope
SKILL.md instructs the agent to fetch live project data from the web and to provide step-by-step guides, which is consistent with its purpose. It also documents the SkillPay charge and tells users to make sure their account has a balance. The runtime instructions do not ask the agent to read local private keys or system files, but many reference documents and example scripts encourage automating wallet interactions (Selenium, web3); following them could lead users to hand private keys to external scripts. The skill's own code only reads SKILLPAY_USER_ID from the environment and calls skillpay.me.
Install Mechanism
No install spec; the skill is instruction- and script-only. It downloads nothing and ships no packaged installer, which is lower risk than arbitrary remote installs.
Credentials
The registry metadata above lists no required env vars, but _meta.json declares payment.api_key_env: SKILLPAY_API_KEY and a user_id env var, and payment.py reads SKILLPAY_USER_ID from the environment while also containing a hard-coded BILLING_API_KEY value. The embedded secret in payment.py is a serious red flag: it may leak the provider's credentials, can break billing expectations, and contradicts the declared 'no required env vars'.
Persistence & Privilege
always: false and no OS restrictions; the skill does not ask to be force-enabled, does not modify other skills, and does not request system-level privileges. It does abort (SystemExit) when the billing check fails, which affects availability but not privilege.
What to consider before installing
Key points to consider before installing:
- Billing & hard-coded secret: payment.py contains a hard-coded SkillPay API key, and the meta file declares SkillPay env variables. The skill will therefore call an external billing endpoint (https://skillpay.me) and may attempt to charge per call. Hard-coded keys are a security and operational risk: they can be leaked, revoked, or abused. Ask the author to remove the embedded key and have the platform supply credentials through explicitly declared environment variables.
- Metadata inconsistency: the registry summary claims no required env vars, but _meta.json and payment.py indicate that billing credentials are required. This mismatch can produce surprise billing behavior. Confirm which credentials (if any) you must provide and how payments are authorized.
- Network calls: the skill performs live web searches and calls the SkillPay API. If you need an offline or air-gapped environment, this skill is not suitable.
- Scripts that automate wallets: the included references and example scripts show patterns (web3, Selenium, prompts to store mnemonics) that could lead users to handle private keys. Never paste private keys or mnemonics into third-party code or into the skill. Use hardware wallets for any real funds and keep 'action' wallets separate from 'scripting' wallets.
- Operational & legal caution: the skill describes multi-account and anti-association techniques (fingerprint browsers, residential proxies). These can be ethically or legally questionable and raise the risk of account bans and loss of funds. Consider compliance and terms-of-service implications for every service you interact with.
Recommended immediate actions:
1. Ask the publisher to explain the billing flow and remove the hard-coded API key (move to a declared env var or platform-managed secret).
2. Require the skill to declare required env vars and present a clear consent/confirmation step before any network charge is attempted.
3. Audit or sandbox the skill: run it in an isolated environment first and monitor outgoing network requests (confirm only skillpay.me and expected web searches are contacted).
4. Never provide private keys or secrets to the skill; treat any requests for mnemonics or private keys as a blocking security issue.
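One way to mechanise the pre-install audit in actions 1 to 3, and the credential inconsistency described under Credentials: compare the env vars a skill's metadata declares with the ones its Python code actually reads, and flag high-entropy string literals bound to key-like names. This is an added example written for this page, not code from ClawHub, OpenClaw or the Airdrop Hunter skill. It assumes a _meta.json layout (a "payment" object whose "*_env" keys name env vars, plus an optional top-level "env" list) inferred from the scan text rather than taken from a real schema, and the sample skill it audits, including the API key value, is constructed inline.

```python
"""Pre-install audit of an agent skill directory (added example).

Checks two things the scan above flagged: env vars read by the code but not
declared in _meta.json (and vice versa), and API-key-looking string literals
hard-coded in Python source. The _meta.json layout is an assumption.
"""
import ast
import json
import math
import re
import tempfile
from pathlib import Path

# Variable names that suggest a credential.
KEYISH_NAME = re.compile(r"(API_?KEY|SECRET|TOKEN|PASSWORD)", re.I)


def shannon_entropy(s):
    """Bits per character; random keys score well above prose or identifiers."""
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def declared_env_vars(meta):
    """Env var names the metadata declares (assumed layout, see module docstring)."""
    names = set(meta.get("env", []))
    for key, value in meta.get("payment", {}).items():
        if key.endswith("_env") and isinstance(value, str):
            names.add(value)
    return names


def _is_os_environ(node):
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _str_const(node):
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


class _Visitor(ast.NodeVisitor):
    def __init__(self):
        self.env_reads = set()
        self.hardcoded = []

    def visit_Subscript(self, node):            # os.environ["NAME"]
        sl = node.slice
        if hasattr(ast, "Index") and isinstance(sl, ast.Index):   # Python < 3.9 wraps the index
            sl = sl.value
        name = _str_const(sl)
        if _is_os_environ(node.value) and name:
            self.env_reads.add(name)
        self.generic_visit(node)

    def visit_Call(self, node):                 # os.getenv("NAME") / os.environ.get("NAME")
        f = node.func
        getenv = (isinstance(f, ast.Attribute) and f.attr == "getenv"
                  and isinstance(f.value, ast.Name) and f.value.id == "os")
        environ_get = isinstance(f, ast.Attribute) and f.attr == "get" and _is_os_environ(f.value)
        if (getenv or environ_get) and node.args:
            name = _str_const(node.args[0])
            if name:
                self.env_reads.add(name)
        self.generic_visit(node)

    def visit_Assign(self, node):               # SOME_KEY = "<long high-entropy literal>"
        lit = _str_const(node.value)
        if lit and len(lit) >= 16 and shannon_entropy(lit) > 3.5:
            for t in node.targets:
                if isinstance(t, ast.Name) and KEYISH_NAME.search(t.id):
                    self.hardcoded.append((t.id, lit[:4] + "..."))  # never record the full value
        self.generic_visit(node)


def audit_skill(skill_dir):
    """Compare declared env vars with env reads in *.py and flag embedded secrets."""
    skill_dir = Path(skill_dir)
    declared = declared_env_vars(json.loads((skill_dir / "_meta.json").read_text()))
    v = _Visitor()
    for py in skill_dir.rglob("*.py"):
        v.visit(ast.parse(py.read_text(), filename=str(py)))
    return {
        "undeclared_reads": sorted(v.env_reads - declared),
        "declared_but_unused": sorted(declared - v.env_reads),
        "hardcoded_secrets": v.hardcoded,
    }


def build_sample_skill():
    """Constructed sample in a temp dir, loosely modelled on the findings above; the key is fake."""
    d = Path(tempfile.mkdtemp())
    (d / "_meta.json").write_text(json.dumps({
        "payment": {"price_per_call": 0.01,
                    "api_key_env": "SKILLPAY_API_KEY", "user_id_env": "SKILLPAY_USER_ID"}}))
    (d / "payment.py").write_text(
        "import os\n"
        'BILLING_API_KEY = "sk_live_9fQ2xW7pLz3Kd8vR5tYb1nM6"  # fake value, constructed\n'
        'USER_ID = os.environ["SKILLPAY_USER_ID"]\n'
        'DEBUG = os.getenv("SKILL_DEBUG")\n')
    return d


if __name__ == "__main__":
    print(json.dumps(audit_skill(build_sample_skill()), indent=2))
```

Point audit_skill at an unpacked skill directory instead of build_sample_skill(). A name declared in the metadata but never read by the code, next to a high-entropy literal bound to a KEY-like name, is the pattern flagged above; only a four-character prefix of any literal is recorded so the audit output does not itself leak the secret. This static pass complements, and does not replace, the runtime network monitoring in action 3.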
If the developer cannot remove the embedded API key and clarify the billing behavior, do not install the skill in production or with any credentials you care about.
latest · vk971b97pvt4wwwd4hzhpa4eh2d83reen
