ClawHub

VerdictSwarm

v2.0.0

Fight AI with AI. 6 adversarial AI agents debate crypto token risk before your agent trades. Rug-pull detection, security audits, consensus scoring via MCP.

0· 351·0 current·0 all-time
byDev 2 - SentienLabs@vswarm-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (multi-agent token analysis) align with the SKILL.md: it instructs calls to https://api.vswarm.io and describes MCP helpers for scanning, scoring, and reports. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions are narrowly scoped: use MCP tools or call the vendor API, present score/consensus, and include report URL. The skill does not ask the agent to read local files, access unrelated env vars, or transmit data to unexpected endpoints beyond api.vswarm.io.
Install Mechanism
The SKILL.md recommends a pip package (verdictswarm-mcp) but provides no install spec; that is expected for an instruction-only skill. Installing third-party Python packages can execute arbitrary code — users should review the package/source (e.g., PyPI listing or upstream repository) before running pip install.
Credentials
No environment variables, credentials, or config paths are required. The suggested operations (API calls and optional pip package) do not demand secrets from the user. Payment operations referenced (USDC on Solana) imply on-chain tx verification but do not request private keys.
Persistence & Privilege
This is an instruction-only skill with no install spec that would write persistent artifacts. always is false and there is no request to modify system or other skills' configurations.
Assessment
This skill appears coherent with its stated purpose, but take ordinary precautions: 1) Confirm the vendor domain (api.vswarm.io) is legitimate before sending token addresses or payment info. 2) Never share private keys or wallet seed phrases; the API should only receive public addresses/tx hashes. 3) If you plan to pip install verdictswarm-mcp, inspect the package source (PyPI page or upstream Git repo) to ensure it is trustworthy. 4) Be aware of pay-per-scan costs (USDC on Solana) and verify any on-chain payment flows independently. If you need higher assurance, ask the publisher for a homepage, source repository, or signed release artifacts before use.

Like a lobster shell, security has layers — review code before you run it.

cryptovk97fz8x2nxcf14gnpwnxpaj1b1843pz5defivk97fz8x2nxcf14gnpwnxpaj1b1843pz5latestvk97fz8x2nxcf14gnpwnxpaj1b1843pz5mcpvk97fz8x2nxcf14gnpwnxpaj1b1843pz5rug-pullvk97fz8x2nxcf14gnpwnxpaj1b1843pz5securityvk97fz8x2nxcf14gnpwnxpaj1b1843pz5solanavk97fz8x2nxcf14gnpwnxpaj1b1843pz5token-analysisvk97fz8x2nxcf14gnpwnxpaj1b1843pz5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments