Skill v1.3.0
ClawScan security
Monte Carlo Crypto Core · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 6, 2026, 2:42 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely does what it claims (Monte Carlo crypto simulations) but has billing-related inconsistencies and a hardcoded billing key/default skill ID that are unexpected and warrant caution.
- Guidance: This skill appears to implement the Monte Carlo simulation it advertises, but treat the billing parts with caution before installing. Key points to consider:
  - Billing and charges: The skill uses an external billing API (https://skillpay.me). Every non-skipped run calls the billing endpoint and may require payment. Test using the --skip-billing flag or a sandbox account first.
  - Hardcoded credentials: scripts/billing.py contains a hardcoded API key and a default SKILL_ID ('paythefly'). If you fail to set the required environment variables, the skill will fall back to those values and route billing requests to that account. That may cause unexpected charges or route payments away from your intended destination.
  - Docs inconsistency: SKILL.md and README refer to SKILLPAY_API_KEY, but the code expects SKILL_BILLING_API_KEY. Confirm which environment variables the platform will actually provide and set them explicitly before use.
  - What to do before using: inspect/replace billing.py or remove the hardcoded defaults, verify SKILL_BILLING_API_KEY points to an account you control, and run an initial test with --skip-billing or a test user to confirm behavior. If you cannot verify the billing endpoint and the account it charges, do not supply real payment credentials.
  
  Confidence is medium because the issues look like sloppy engineering (inconsistent env var names, hardcoded fallback) rather than clear malice, but the hardcoded billing fallback is a real risk that should be resolved or verified prior to use.
Review Dimensions
- Purpose & Capability
  - note: The code and SKILL.md implement a Monte Carlo GBM engine that matches the declared purpose. The skill also integrates with a billing endpoint (SkillPay), which is consistent with the README and SKILL.md. However, there are inconsistencies in environment variable naming (SKILLPAY_API_KEY mentioned in docs vs SKILL_BILLING_API_KEY required by the code) and a hardcoded API key and default SKILL_ID in scripts/billing.py that are not explained in the description.
- Instruction Scope
  - ok: Runtime instructions are limited to installing requests and running the provided Python script with parameters. The SKILL.md does not ask the agent to read unrelated files or exfiltrate arbitrary system data. It does require passing a user ID for billing and surfacing a payment_url if billing fails.
- Install Mechanism
  - ok: No install spec is provided (instruction-only skill). The only runtime dependency is the requests Python package; there is no remote code download or archive extraction declared.
- Credentials
  - concern: The skill requests billing credentials (SKILL_BILLING_API_KEY, SKILL_ID), which are proportionate to a pay-per-call design, but scripts/billing.py contains a hardcoded API key and default SKILL_ID ('paythefly') that will be used if the environment variables are not set. That default could route billing activity to an unexpected account. Additionally, the SKILL.md/README reference a different env var name (SKILLPAY_API_KEY), increasing the risk of misconfiguration and accidental use of the hardcoded fallback.
- Persistence & Privilege
  - ok: The skill does not request always:true, does not modify other skill configs, and does not persist beyond being invoked. Autonomous invocation remains enabled by default, which is normal and not in itself flagged.
