Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

vs-test

v1.0.1

ValueScan data query skill. Supports token search, K-line (candlestick) data, major-capital fund flow analysis, on-chain data queries and other cryptocurrency market data analysis functions.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
Name/description match a cryptocurrency data API and the code + references implement many ValueScan endpoints — that is coherent. However the registry metadata claims no required credentials or config paths while SKILL.md and the included SDK require API Key/Secret; this metadata omission is inconsistent and reduces transparency.
Instruction Scope (flagged)
SKILL.md describes only ValueScan API usage (K-lines, fund flows, on-chain data). The included SDK code (script/sdk/vs_api_sign.js) reads credentials from a local file (~/.openclaw/credentials/valuescan.json) and performs signed POSTs to https://api.valuescan.io — the network calls are to the expected host. The concern is that the runtime instructions and SDK access a local credentials file which was not declared in the registry metadata; the skill therefore accesses local filesystem state (the credentials file) outside what the metadata advertised.
Install Mechanism
No install spec (instruction-only + small SDK file). No remote downloads or extraction. The SDK uses only built-in Node modules (crypto/fs/url) and contains a small example; risk from install mechanisms is low.
Credentials (flagged)
SKILL.md declares two required credentials (api_key and secret_key) and the SDK requires valuescanApiKey/valuescanSecretKey — these are proportionate for calling the API. But the registry metadata lists no required env vars and no config paths; the SDK instead expects a credential file at ~/.openclaw/credentials/valuescan.json. That mismatch is a proportionality/transparency problem: the skill needs secrets (normal) but fails to declare how it expects them to be provided (env vs config file) in the registry metadata.
Persistence & Privilege
The always flag is false and the skill does not request system-wide privileges. It reads a credential file in the user's home directory but does not modify other skills or system configs. Autonomous invocation is allowed (platform default) — combine this with the credential access mismatch when deciding trust.
What to consider before installing
This skill implements ValueScan API calls and legitimately needs an API key and secret for HMAC signing, but the package metadata failed to declare that. Before installing: (1) Confirm how the skill expects credentials — the SDK reads ~/.openclaw/credentials/valuescan.json, whereas registry metadata claims no config paths; decide whether you are comfortable storing keys there. (2) Only provide a key pair with minimal privileges (rotate or revoke if unsure). (3) Verify the skill source and homepage (https://www.valuescan.ai) and prefer registering API keys via the official developer portal. (4) If you need stricter isolation, run the skill in a sandboxed agent or deny file-system access to the home directory. (5) Ask the publisher to correct registry metadata to explicitly declare required credentials and config paths, and/or change the SDK to accept credentials from declared env vars rather than an undeclared file.
Static analysis finding (flagged): script/sdk/vs_api_sign.js:25
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
