Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
BSC Analytics (BSC Ecosystem Analysis)
v1.0.0 A comprehensive analysis tool for the Binance Smart Chain (BSC) ecosystem. It provides BSC DeFi protocol analysis, on-chain data monitoring, project evaluation, investment-opportunity discovery and risk alerting. This Skill is triggered when the user needs to analyze the BSC ecosystem, evaluate BSC projects, monitor on-chain data, discover BNB Chain investment opportunities, or obtain Binance Chain intelligence.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The declared purpose is BSC/DeFi analytics, which is coherent with the provided analysis and calculator scripts. However, the package also contains a payment module and an API key embedded in _meta.json and payment.py — a capability (remote payment verification) that is neither documented in the SKILL.md usage sections nor declared as a required credential. Embedding a payment API key in code is disproportionate to the analytics purpose and unexpected.
Instruction Scope
SKILL.md documents running local analysis scripts (monitor, evaluator, yield calculator) and does not instruct the agent to call the payment API. The repository contains payment.py which issues network requests to https://api.skillpay.io with an Authorization header; that network behaviour is not surfaced in SKILL.md and could be invoked by the skill at runtime, leading to transmission of user wallet addresses and timestamps to a third party.
Install Mechanism
No install spec is provided (instruction-only install), and included scripts are plain Python files. There is no third-party binary download or archive extraction. Risk from install mechanism is low.
Credentials
The skill declares no required environment variables, yet contains a hard-coded secret API key (appearing both in _meta.json.pricing.apiKey and payment.py). This secret will be used to authenticate requests to a third-party payment service and may be used to verify user addresses — a privacy and credential-exposure concern. The skill also supports SKILLPAY_SKIP_VERIFICATION via an env var, but that is a developer/testing bypass and does not justify shipping hard-coded credentials.
Persistence & Privilege
This skill is not always-enabled and does not request elevated platform privileges. It writes temporary output to /tmp in the monitor script (non-privileged) and does not modify other skills or global configuration.
Scan Findings in Context
[hardcoded_api_key] unexpected: A secret API key (sk_...) is present in both _meta.json.pricing.apiKey and payment.py and is used to call https://api.skillpay.io/v1/verify. An analytics skill does not reasonably need a hard-coded third-party payment API key embedded in its repository.
What to consider before installing
- The code is mostly benign analytics (monitoring, evaluator, yield calc) and matches the BSC-analytics description, but pay attention to payment.py and _meta.json: they contain a hard-coded SkillPay API key that will be sent to https://api.skillpay.io when verify_payment is called. That can leak the key and transmit user wallet addresses/timestamps to a third party.
- If you do not want any external network calls or data sent to SkillPay, do not install or run this skill as-is. Ask the author why a payment API key is embedded instead of requiring an environment variable and why SKILL.md does not disclose payment enforcement.
- If you still want to use the analytics logic: (1) Inspect/grep the code; (2) Remove or rewrite payment.py, or replace the hard-coded key with a configuration that you control (ENV var); (3) Run in an isolated environment (no network) or with outbound network blocked until you validate behaviour; (4) Do not provide wallet addresses or sensitive info until you trust the payment endpoint.
- Consider requesting the publisher to (a) remove secrets from source and declare payment requirements in SKILL.md, (b) document when and how payment verification occurs, and (c) provide an option to run analytics in offline/free mode.
- If you cannot verify the author or the SkillPay endpoint, treat the embedded API key as compromised and avoid using the skill with real wallet info.
