Skill v1.0.0

ClawScan security

BTC Risk Radar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 2:38 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and instructions are coherent with a read-only BTC risk snapshot using public exchange APIs; nothing in the provided files requests secrets, installs software, or performs obvious writes, but the script content was truncated in the listing so full-file review is recommended.
Guidance
This skill appears to do what it says: fetch public market endpoints and produce a read-only risk snapshot. Before installing/using it: (1) review the full script (the provided listing was truncated) to ensure there are no hidden network endpoints, telemetry, or file writes in the unseen tail; (2) run the quick-audit commands in an isolated environment or container and monitor outbound network traffic to confirm only the documented exchange domains are contacted; (3) do not provide any API keys, wallet access, or credentials to this skill; (4) verify output discloses data_gaps and availability as the SKILL.md promises — if it hides gaps or tries to POST data, do not trust it. If you want higher assurance, paste the entire script into a static scanner or share the missing tail for re-review.

Review Dimensions

Purpose & Capability
Status: ok
Name/description request public options/perp/spot data and the repository contains a Python script that only calls public exchange REST endpoints (Deribit, Binance, Coinbase, OKX, Bybit). No unrelated binaries, services, or credentials are requested.
Instruction Scope
Status: ok
SKILL.md restricts runtime behavior to running the included script and interpreting its JSON output; the documented commands and audit path focus on read-only HTTP queries and explicit disclosure of data gaps. The instructions do not ask the agent to read unrelated local files or send data to third-party endpoints.
Install Mechanism
Status: ok
No install spec — instruction-only with an included Python script. This is the lowest-risk install model. The script uses the standard requests library; no downloads from untrusted URLs are present in the provided portion.
Credentials
Status: ok
The skill declares no required environment variables, credentials, or config paths. The script as provided performs only unauthenticated public API calls; there is no apparent reason for secrets or elevated access.
Persistence & Privilege
Status: ok
The skill is not always-included and does not request persistent system changes. SKILL.md asserts the tool is read-only and will not write files or mutate exchange state; the visible code follows that model.