v2025.4.12

DEX Price Monitor DEX价格监控

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:29 AM.

Analysis

The DEX monitoring features mostly match the description, but the bundled payment code can bill through an external service using a hardcoded SkillPay key and unclear user identity handling.

Guidance: Review the payment behavior carefully before installing: confirm you trust SkillPay and the author, ensure any per-call charge is acceptable, and avoid configuring alert or API credentials unless you understand where the data will be sent.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/best_path_finder.py
url = f"https://api.1inch.dev/swap/v5.2/{chain.value}/quote" ... url = "https://api.0x.org/swap/v1/quote" ... url = "https://api.paraswap.io/prices"

The route-finding script sends token addresses, chains, and trade amounts to third-party quote APIs; this is purpose-aligned for best-path discovery but exposes intended trade parameters to those providers.

User impact: Your token pair and trade-size queries may be visible to external DEX aggregator services.
Recommendation: Use trusted API providers and avoid querying sensitive strategy sizes unless you are comfortable sharing that information with the provider.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
payment.py
BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" ... user_id = os.environ.get("SKILLPAY_USER_ID", "anonymous_user") ... charge_result = charge_user(user_id)

The payment implementation uses a hardcoded billing API key and falls back to an anonymous user identity while charging through SkillPay, which is sensitive account/payment authority and is not reflected in the registry's declared credential requirements.

User impact: Invoking the skill may deduct funds or interact with a billing account in a way that is hard to audit if the user identity is missing or misconfigured.
Recommendation: Install only if you trust the billing provider and author; the payment flow should use declared, provider-managed credentials, require an explicit user identity, and avoid hardcoded API keys or anonymous billing.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
references/alert-configuration.md
send_telegram_message(token, chat_id, message) ... send_discord_webhook(webhook_url, '@everyone 价格预警!', [embed]) ... send_email_alert(... username, password ...)

The alerting guidance supports Telegram, Discord, email, and generic webhooks, which can forward price alerts and user-configured secrets to external services.

User impact: Alerts may reveal monitored tokens, thresholds, or trading interests to chat, email, or webhook providers, and misconfigured Discord alerts could notify broad audiences.
Recommendation: Configure notification channels deliberately, store bot tokens and email credentials securely, and send alerts only to private destinations you control.