ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CoinGecko Price

v1.0.0

Query cryptocurrency prices and market data via CoinGecko API. Use when: (1) checking current crypto prices, (2) viewing market cap rankings, (3) monitoring...

0· 789·2 current·2 all-time
by@ouyangabel
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md instructions, and the included Python script all consistently implement a CoinGecko price/query tool. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md instructs running the included script with clear commands (search/get/top). The instructions and script only fetch data from api.coingecko.com and do not reference or read other system files, environment variables, or external endpoints.
Install Mechanism
There is no install spec; this is instruction-only plus a bundled Python script. No downloads, package installs, or archive extraction are performed by the skill.
Credentials
The skill declares no required environment variables or credentials and the script does not read secrets or config files. Network access to api.coingecko.com is the only external requirement and is proportionate to the purpose.
Persistence & Privilege
The skill does not request always:true and does not modify agent/system configuration. It runs only when invoked and does not persist or request elevated privileges.
Assessment
This skill appears coherent and limited to querying CoinGecko's public API. It does make outbound HTTPS requests to api.coingecko.com (the script uses urllib) and includes a custom User-Agent string; those network calls are expected for this functionality. Because the source/homepage is unknown, if you require a higher assurance level you may: (1) review the provided script locally before running, (2) run it in an isolated environment if you are cautious, and (3) be aware of CoinGecko rate limits and that results are for reference only (not financial advice).

Like a lobster shell, security has layers — review code before you run it.

bitcoinvk9741epc4db8kfk1m89kzd5etn81rsgxcoingeckovk9741epc4db8kfk1m89kzd5etn81rsgxcryptovk9741epc4db8kfk1m89kzd5etn81rsgxcryptocurrencyvk9741epc4db8kfk1m89kzd5etn81rsgxethereumvk9741epc4db8kfk1m89kzd5etn81rsgxfinancevk9741epc4db8kfk1m89kzd5etn81rsgxlatestvk9741epc4db8kfk1m89kzd5etn81rsgxpricevk9741epc4db8kfk1m89kzd5etn81rsgx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments