Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Heurist Mesh Crypto Analysis Skill
v1.0.3 · Real-time crypto token data, DeFi analytics, blockchain data, Twitter/X social intelligence, enhanced web search, crypto project search, all in one Skill. For...
⭐ 10 · 2.4k · 2 current · 2 all-time
by JW @wjw12
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
It is plausible that a skill described as crypto/DeFi analytics over a mesh API needs an API key or a payment method, but the published registry metadata declares no required environment variables or credentials, while SKILL.md explicitly instructs users to add HEURIST_API_KEY, WALLET_PRIVATE_KEY, or INFLOW_* keys to a .env file. That is an incoherence: the skill needs secrets, but the metadata does not advertise them.
Instruction Scope
SKILL.md instructs the agent (and the user) to read the project .env file to confirm credentials and to store private keys in that file. It also includes detailed multi-step payment flows (HTTP endpoints, on-chain signing via cast/Foundry, and Inflow flows). These instructions cause the agent to access local files containing secrets and to construct signatures and payments. That is within the skill's stated purpose for payment-enabled calls, but it also gives the skill broad ability to read sensitive local credentials and to act with them, and none of those actions is reflected in the registry's declared requirements.
Install Mechanism
This is an instruction-only skill (no install spec). However, the referenced instructions describe installing Foundry/cast via curl | bash for x402 on-chain payments. Because the skill includes no install block, that installation is left to the user or agent. This is a common pattern, but curl | bash installs carry supply-chain risk: whatever the remote server returns runs unreviewed with the caller's privileges, so the installer should be downloaded to a file and reviewed before it is executed.
Credentials
SKILL.md asks for three classes of sensitive credentials: HEURIST_API_KEY (expected), WALLET_PRIVATE_KEY (on-chain payment, high privilege), and INFLOW_USER_ID/INFLOW_PRIVATE_KEY (payment). Requiring a wallet private key is proportionate only if you choose the x402 flow, but the registry metadata declares no required env vars at all, and the instructions tell the agent to read .env directly. Storing a raw private key in a project .env is risky: anything that can read the project directory can sign transactions and drain the wallet. If you must use on-chain payments, a dedicated ephemeral wallet holding only the funds needed, or delegated signing, is safer.
Persistence & Privilege
The skill does not request always:true and does not declare modifications to other skills or global config. Autonomous invocation is allowed (platform default) but not uniquely privileged here. The skill's runtime behavior doesn't request permanent system-level presence beyond reading .env and interacting with remote Mesh endpoints.
What to consider before installing
This skill is plausible for crypto analytics, but it contains inconsistencies and sensitive steps you should review before installing:
(1) The registry lists no required environment variables, yet SKILL.md instructs storing HEURIST_API_KEY, WALLET_PRIVATE_KEY, or INFLOW keys in a local .env. Confirm the publisher and ask why the metadata omits these.
(2) If you use the x402 flow, the skill asks you to place a wallet private key in plaintext in the project root. Do not use your primary wallet; use an ephemeral wallet holding only the funds needed, or prefer the API-key or Inflow routes.
(3) The x402 instructions recommend installing Foundry via curl | bash, which carries supply-chain risk. Download the installer to a file, review it, and check it against a hash obtained out of band before running it.
(4) Make sure you trust the endpoints (mesh.heurist.xyz / mesh.heurist.ai) and verify the publisher's identity; the listing has no homepage.
(5) Ask the publisher to update the registry metadata to declare the required env vars, to offer a less-privileged payment option (delegated signing, wallet-connect, or Inflow-only), and to stop instructing agents to read arbitrary local files.
If you proceed, limit the credentials you provide, use throwaway wallets, and review the skill's network calls carefully.
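The checks behind the findings above (credentials referenced in SKILL.md but absent from the registry metadata, instructions to read or write .env, curl | bash installs, and a raw private key sitting in plaintext in .env) can be run locally before installing any skill. The script below is an added example written for this page; it is not ClawHub's scanner and contains nothing from the Heurist skill itself. The metadata shape (a dict with a "requires" entry holding an "env" list), the sample SKILL.md and .env text, and the example.invalid URL are all constructed for the demonstration; the real registry schema is not shown on the page.

```python
"""Pre-install audit for an agent skill (added example, not ClawHub's scanner).

Reports, for a skill's registry metadata, its SKILL.md and an optional .env:
  * env-var-style credentials the instructions reference but the metadata
    does not declare (the incoherence the scan above flags),
  * instruction lines that tell the agent or user to touch a .env file,
  * curl ... | sh/bash style install commands,
  * .env entries whose value is a raw EVM-style private key (0x + 64 hex).
The metadata schema (requires -> env list) is an assumption for this example.
"""
import re

# UPPER_SNAKE names with at least one underscore, e.g. WALLET_PRIVATE_KEY
ENV_NAME = re.compile(r"\b([A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+)\b")
DOTENV_REF = re.compile(r"\.env\b")
# "curl <anything without a pipe> | [sudo] sh|bash|zsh"
CURL_PIPE_SH = re.compile(r"curl\b[^\n|]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b")
EVM_PRIVKEY = re.compile(r"^0x[0-9a-fA-F]{64}$")


def referenced_env_names(skill_md):
    """Every env-var-looking identifier mentioned anywhere in SKILL.md."""
    return set(ENV_NAME.findall(skill_md))


def undeclared_credentials(skill_md, metadata):
    """Names SKILL.md relies on that the registry metadata does not declare."""
    declared = set(metadata.get("requires", {}).get("env", []))
    return sorted(referenced_env_names(skill_md) - declared)


def dotenv_instructions(skill_md):
    """Instruction lines that direct the agent/user to a .env file."""
    return [ln.strip() for ln in skill_md.splitlines() if DOTENV_REF.search(ln)]


def pipe_to_shell_installs(skill_md):
    """curl | bash style commands embedded in the instructions."""
    return [m.group(0).strip() for m in CURL_PIPE_SH.finditer(skill_md)]


def raw_private_keys(dotenv_text):
    """Keys in a .env whose value is a raw 0x-prefixed 32-byte hex secret."""
    hits = []
    for ln in dotenv_text.splitlines():
        ln = ln.strip()
        if not ln or ln.startswith("#") or "=" not in ln:
            continue
        key, value = ln.split("=", 1)
        value = value.strip().strip('"').strip("'")
        if EVM_PRIVKEY.match(value):
            hits.append(key.strip())
    return hits


def audit(skill_md, metadata, dotenv_text=""):
    """Return (severity, message) findings; private keys are rated high."""
    findings = []
    for name in undeclared_credentials(skill_md, metadata):
        sev = "high" if "PRIVATE_KEY" in name else "medium"
        findings.append((sev, f"{name} used by SKILL.md but not declared in metadata"))
    for ln in dotenv_instructions(skill_md):
        findings.append(("medium", f"instruction touches .env: {ln}"))
    for cmd in pipe_to_shell_installs(skill_md):
        findings.append(("medium", f"pipe-to-shell install: {cmd}"))
    for key in raw_private_keys(dotenv_text):
        findings.append(("high", f".env holds a raw private key in {key}"))
    return findings


# Constructed sample inputs (not the real skill's files): metadata declaring
# no env vars, instructions that nonetheless require several, and a .env
# that already contains a wallet key.
SAMPLE_METADATA = {"name": "example-skill", "version": "1.0.3", "requires": {"env": []}}
SAMPLE_SKILL_MD = """\
## Setup
Add HEURIST_API_KEY to your project .env file and read .env to confirm it.
For x402 on-chain payments, add WALLET_PRIVATE_KEY to the same .env and install Foundry:
    curl -L https://example.invalid/install | bash
For Inflow payments set INFLOW_USER_ID and INFLOW_PRIVATE_KEY.
"""
SAMPLE_DOTENV = "HEURIST_API_KEY=hk_example\nWALLET_PRIVATE_KEY=0x" + "ab" * 32 + "\n"

if __name__ == "__main__":
    for severity, message in audit(SAMPLE_SKILL_MD, SAMPLE_METADATA, SAMPLE_DOTENV):
        print(f"[{severity}] {message}")
```

Run it against a real skill by replacing the three samples with the registry's metadata JSON, the downloaded SKILL.md, and the project's .env; an empty findings list is the bar a listing should meet before the declared requirements can be trusted. The ENV_NAME pattern deliberately requires an underscore so ordinary capitalised words are not reported, and it treats any referenced variable as needing declaration rather than guessing which ones are secrets.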
latest: vk978tthd6y0x3d5xpfcbpjp8gs81rm5z
