Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Whale Alert Monitor
v2026.4.15-100
Tracks the movements of cryptocurrency whales, alerts on large transfers, and analyses exchange fund flows. Use this skill when you want to follow every step of smart money and monitor the trading behaviour of large holders. Integrated with SkillPay; each call costs 0.01 USDT.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
Name/description match the code: scripts monitor wallets, transfers, exchange flows and send notifications. However the registry metadata declared no required env vars or credentials while the code expects many (Telegram/Discord/webhook tokens, multiple blockchain API keys) and _meta.json declares SkillPay billing env vars — an internal inconsistency. The included SkillPay billing integration and notification/webhook support do fit the stated purpose, but the mismatch between declared requirements and actual code is concerning.
Instruction Scope
SKILL.md is high-level and does not enumerate required env vars or local files, yet the runtime code reads/writes local files (config.yaml, alert_configs.json, alert_history.json, whale_monitor.log), calls external services (SkillPay, Telegram API, Discord webhooks, custom webhooks), and expects blockchain provider APIs (Etherscan/Alchemy/Moralis). Instructions grant the skill broad discretion to create files and send data externally; the SKILL.md does not surface these details.
Install Mechanism
The skill is marked as instruction-only (no install spec) but ships multiple Python scripts that import third-party modules (requests, yaml, etc.) with no declared dependency list. There is no installation or dependency guidance in the registry metadata; that makes it unclear how dependencies will be satisfied and increases operational risk.
Credentials
The code uses several environment variables (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, DISCORD_WEBHOOK_URL, CUSTOM_WEBHOOK_URL, and expects blockchain API keys) and _meta.json references SKILLPAY_API_KEY and SKILLPAY_USER_ID. Yet the registry listed no required env vars. Crucially, payment.py contains a long hard-coded SkillPay API key in the repository — a sensitive credential baked into source that should not be present and is not justified by the metadata. The number of secrets matches the functionality, but the hard-coded key and metadata mismatch are disproportionate and risky.
Persistence & Privilege
The always flag is false and the skill does not request system-wide privileges. It writes logs and configuration files into its working directory (normal for a daemon) and can be run autonomously (the default). There is no indication that it modifies other skills or system-wide settings.
Scan Findings in Context
[hardcoded-billing-key] unexpected: payment.py contains a long literal API key (BILLING_API_KEY) embedded in source. Billing integration normally reads a runtime secret from environment or a secure store; a baked-in key is a sensitive secret and unexpected.
[network-calls] expected: The scripts perform outbound network requests to SkillPay, Telegram, Discord, and blockchain provider APIs — this is expected for a monitoring/alerting skill, but the SKILL.md and registry metadata do not enumerate these external endpoints or required credentials.
[local-file-io] expected: The code reads/writes local config and log files (config.yaml, alert_configs.json, alert_history.json, whale_monitor.log). This is reasonable for a daemon, but the SKILL.md did not call this out.
What to consider before installing
- Don't install blindly. The codebase includes multiple runnable Python scripts (monitor daemon, transfer monitor, alert manager) but the registry metadata omitted required env vars and dependency info — expect to supply API keys and install Python packages (requests, pyyaml, etc.).
- Review or remove the hard-coded SkillPay API key in payment.py. A literal billing API key in repo is dangerous: it could be abused or indicate that billing is implemented insecurely. Prefer an environment-based secret (and confirm with the author).
- Confirm you trust the billing provider (skillpay.me) and the author before allowing automated charging; understand how billing is triggered (payment.py charges per call). Consider testing in an isolated environment or sandbox account.
- Audit and control what credentials you provide: Telegram/Discord webhooks and blockchain provider keys are required for notifications and data. Never provide high-privilege credentials (exchange withdrawal API keys) to this skill.
- Because there is no install spec, run the code in a controlled environment (container/VM) and pin dependency versions from trusted package sources.
- If you plan to use it, update the manifest/SKILL.md to list required env vars and dependencies, remove hard-coded secrets, and verify network endpoints. If unsure, seek a newer/official release or contact the author for clarification.
Latest version id: vk97fx2v01wtrantp85163g3r1184w2bb