加密货币与贵金属监控(国内源)
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may be installing a package whose internal identity does not exactly match the registry listing.
This embedded metadata differs from the supplied registry metadata, which lists a different owner ID, slug `crypto-gold-monitor-cn`, and version `1.0.0`. That is not malicious by itself, but it is a provenance/packaging mismatch users should verify.
"ownerId": "kn736rzd6bc915rft5008bj5f97zzzpq", "slug": "crypto-gold-monitor", "version": "1.2.1"
Verify the publisher and package version before relying on it, especially because the source and homepage are not provided.
The tool will contact third-party price services, and the displayed prices may be affected if a provider is unavailable or if the HTTP data source is tampered with in transit.
The script uses fixed external API calls to fetch market data, including one plain HTTP endpoint. This is expected for the stated price-monitoring purpose, but data accuracy and integrity depend on those providers and the network path.
curl -s --connect-timeout 3 "https://api.coingecko.com/api/v3/simple/price?..." ...; curl -s --connect-timeout 5 "http://zhangliang.tideimg.com/data"
Use the output as reference information only, as the skill itself also warns; do not treat it as authoritative trading or investment advice.