Skill v1.0.0

ClawScan security

ConsortiumAI Create Account · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 11, 2026, 6:03 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (creating a custodial wallet via Consortium AI) but metadata and naming inconsistencies around the required API key and provenance warrant caution before installing or using it.
Guidance
This skill appears to implement what it claims (it posts a walletAddress to https://api.consortiumai.org using an API key). Before installing or using it:
1. Verify the API key's provenance: only set a key you obtained directly from Consortium AI, and do not reuse high-privilege keys from other services.
2. Confirm the correct environment variable name with the skill publisher: the registry metadata omits the required env var, and the name the skill uses (TRADING_ANALYSIS_API_KEY) looks mismatched for a wallet API.
3. Verify the Consortium AI domain and contact details (the SKILL.md points only to an X account) to establish that the service is legitimate.
4. Review the small script yourself, or run it in an isolated environment, since it transmits the wallet address and the API key to a remote endpoint.
5. If you will rely on this for production funds or sensitive accounts, request stronger assurances (publisher identity, the TLS certificate presented by the API host, official documentation) before use.

Review Dimensions

Purpose & Capability
note: The skill's name, description, SKILL.md, and the bundled script all align: they call https://api.consortiumai.org to create a custodial wallet using an API key. However, the registry metadata lists no required environment variables, while SKILL.md and the script require TRADING_ANALYSIS_API_KEY, an inconsistency the publisher should resolve. The variable name itself is also an odd choice for a custodial-wallet API key, which could indicate mislabeling or reuse of a key intended for a different product.
Instruction Scope
ok: The runtime instructions and bundled script are scoped narrowly: they only require an API key and a wallet address, then POST that address to the documented API endpoint. The instructions do not ask the agent to read other files, system paths, or unrelated environment variables.
Install Mechanism
ok: This is an instruction-only skill with a small included script and no install spec. Nothing is downloaded or installed at runtime beyond running the provided Node script. That minimizes install-time risk.
Credentials
concern: The skill requires a single API key (TRADING_ANALYSIS_API_KEY), which is reasonable for the described API, but: (1) the registry metadata omits this required env var; (2) the key name is unexpected for a custodial-wallet API and could lead users to supply the wrong credential; and (3) creating custodial wallets is a sensitive operation, so using a high-privilege or shared API key here would be risky. The skill does not request additional unrelated credentials, which is good.
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills or system configuration, and does not install persistent agents. It runs only when invoked, so persistence/privilege concerns are low.
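The guidance and the Credentials finding above both come down to one check a user can run before installing: does the bundle agree with its own metadata about which variables it reads and which hosts it contacts, and does the credential name plausibly belong to this product? The script below is an added example written for this page; it is neither ClawHub's scanner nor the skill's bundled script. It statically scans a skill bundle's files for process.env reads and outbound hosts, compares them with what the registry metadata declares, and flags secret-like names that do not mention the product they unlock. The bundle it runs on is constructed to mirror the findings on this page (only the host api.consortiumai.org and the variable TRADING_ANALYSIS_API_KEY come from the page); the metadata field names env and endpoints, the file names, and the request shape are assumptions.

```javascript
// Added example (editor's own code, not ClawHub's scanner or the skill's
// script): a pre-install consistency check for a skill bundle.
// Metadata field names (env, endpoints), file names and request shape are
// assumptions; only the host and the env var name come from the scan page.

const ENV_RE = /process\.env(?:\.([A-Za-z_]\w*)|\[['"]([A-Za-z_]\w*)['"]\])/g;
const URL_RE = /https?:\/\/[A-Za-z0-9.-]+(?::\d+)?/g;
const SECRET_RE = /KEY|TOKEN|SECRET|PASSWORD/i;

function auditSkill(bundle) {
  const usedEnv = new Set();
  const hosts = new Set();
  for (const text of Object.values(bundle.files)) {
    for (const m of text.matchAll(ENV_RE)) usedEnv.add(m[1] || m[2]);
    for (const m of text.matchAll(URL_RE)) hosts.add(new URL(m[0]).host);
  }
  const declaredEnv = new Set(bundle.metadata.env || []);
  const declaredHosts = new Set(bundle.metadata.endpoints || []);
  const findings = [];

  // 1. Every variable the code reads must be declared in metadata, and
  //    every declared variable should actually be read by something.
  for (const v of usedEnv) {
    if (!declaredEnv.has(v)) {
      findings.push({ level: 'concern', msg: `script reads ${v} but metadata declares no such variable` });
    }
  }
  for (const v of declaredEnv) {
    if (!usedEnv.has(v)) {
      findings.push({ level: 'note', msg: `metadata declares ${v} but nothing reads it` });
    }
  }

  // 2. Every host the code contacts must be listed in metadata.
  for (const h of hosts) {
    if (!declaredHosts.has(h)) {
      findings.push({ level: 'concern', msg: `script contacts ${h}, which metadata does not list` });
    }
  }

  // 3. A secret-like variable should name the product it unlocks; otherwise
  //    users may paste in a key that was issued for something else.
  const tokens = (bundle.metadata.name || '').toLowerCase().split(/\s+/).filter(t => t.length > 2);
  for (const v of usedEnv) {
    const flat = v.toLowerCase().replace(/_/g, '');
    if (SECRET_RE.test(v) && !tokens.some(t => flat.includes(t))) {
      findings.push({ level: 'note', msg: `${v} does not name ${bundle.metadata.name}; confirm it is the right credential` });
    }
  }

  const verdict = findings.some(f => f.level === 'concern') ? 'needs-review' : 'ok';
  return { usedEnv: [...usedEnv].sort(), hosts: [...hosts].sort(), findings, verdict };
}

// Constructed bundle mirroring the scan findings: metadata declares no env
// vars, the script reads TRADING_ANALYSIS_API_KEY and POSTs to the API host.
const constructedBundle = {
  metadata: {
    name: 'ConsortiumAI Create Account',
    env: [],                              // registry metadata omits the key
    endpoints: ['api.consortiumai.org'],
  },
  files: {
    'SKILL.md': '# ConsortiumAI Create Account\nSet TRADING_ANALYSIS_API_KEY, then pass a wallet address.\n',
    'create-wallet.js': [
      "const apiKey = process.env.TRADING_ANALYSIS_API_KEY;",
      "const walletAddress = process.argv[2];",
      "fetch('https://api.consortiumai.org', {",
      "  method: 'POST',",
      "  headers: { Authorization: 'Bearer ' + apiKey, 'Content-Type': 'application/json' },",
      "  body: JSON.stringify({ walletAddress }),",
      "});",
    ].join('\n'),
  },
};

console.log(JSON.stringify(auditSkill(constructedBundle), null, 2));
```

A concern-level finding means the bundle disagrees with its own metadata and should not be installed until the publisher resolves it; the naming note is a prompt to confirm with the publisher which credential is meant. A static scan cannot see what the remote server does with the key once it is sent, which is why the guidance still recommends reviewing the script and running it in an isolated environment.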