Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Odds Movement Monitor (Betting Line Monitor)

v2026.4.7-10

Tracks real-time movements in Asian handicap, European (1X2) odds, and over/under lines for sporting events. Detects odds anomalies, identifies shifts in bookmaker sentiment, and captures betting opportunities. Integrated with SkillPay; each call costs 0.01 USDT.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Pending
OpenClaw
Suspicious
high confidence
Purpose & Capability
Functionality (odds fetching, change detection, alerts) aligns with the name/description. However, there are metadata/manifest mismatches: the registry summary lists no required env vars, while _meta.json and the code reference billing env vars (SKILLPAY_API_KEY, SKILLPAY_USER_ID) and an odds API key (ODDS_API_KEY). That inconsistency is unexplained.
Instruction Scope
SKILL.md describes only legitimate monitoring tasks and mentions paid usage via SkillPay. The runtime code writes local SQLite DBs and issues HTTP requests to odds APIs and the billing endpoint — actions consistent with monitoring + billing. SKILL.md does not document the exact env var names for billing though, and demo/monitor suggest ODDS_API_KEY is used; this gap is confusing but not itself malicious.
Install Mechanism
No external install spec or remote downloads; code is included in the bundle. That reduces supply-chain risk compared to fetching binaries from arbitrary URLs. The code depends on common Python libs (aiohttp, requests).
Credentials
Payment integration raises proportionality issues: _meta.json declares SKILLPAY_API_KEY and SKILLPAY_USER_ID as required, monitor.py reads ODDS_API_KEY, but the registry summary lists no env requirements. Critically, payment.py embeds a long BILLING_API_KEY constant (hard-coded secret) and uses it for all billing calls instead of reading the declared SKILLPAY_API_KEY env var — this is inconsistent and risky (exposes a secret and ignores the declared env var).
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It writes to a local SQLite DB (odds_data.db) and creates local records — expected for a monitor. No elevated platform privileges requested.
Scan Findings in Context
[hardcoded_billing_api_key] unexpected: payment.py contains a hard-coded BILLING_API_KEY and SKILL_ID. The manifest (_meta.json) indicates the billing API key should be provided via SKILLPAY_API_KEY env var, but the code ignores that and uses the embedded constant. Embedding a long API key in source is a security risk and inconsistent with the skill manifest.
[undeclared_env_vars_usage] unexpected: monitor.py reads ODDS_API_KEY from environment and payment.py reads SKILLPAY_USER_ID from environment; _meta.json lists SKILLPAY envs but the registry metadata reported 'Required env vars: none'. The discrepancy between declared requirements and actual code behavior is concerning and could surprise users.
[billing_behavior] expected: The skill integrates with an external billing service (skillpay.me) to charge per call (0.01 USDT). Billing calls and payment links in payment.py are expected for a paid skill, but combined with the hard-coded API key the implementation raises additional risk.
What to consider before installing
This skill does what it says (fetches odds, detects changes, issues alerts) but has notable red flags around billing and metadata. Before installing:
1) Do not trust or run this in a sensitive environment until reviewed — payment.py contains a hard-coded billing API key which should be removed and rotated; the code should use an env var instead.
2) Confirm and document required environment variables (ODDS_API_KEY, SKILLPAY_API_KEY, SKILLPAY_USER_ID) and ensure you control any keys used.
3) Understand billing: the skill will attempt to charge via skillpay.me; ask how the user_id is mapped and whether anonymous charges could occur (verify_payment defaults to 'anonymous_user').
4) If you want to proceed, request that the author: remove embedded secrets, read the billing API key from the SKILLPAY_API_KEY env var, and clearly surface payment behavior in SKILL.md.
5) Run the code in an isolated/test environment and audit network calls (especially to skillpay.me) before giving it access to real credentials or production systems.
If you cannot get these fixes, treat the skill as untrusted for anything involving real billing or sensitive credentials.
