ClawHub

Cex

v1.0.0

Analyze cex operations. Use when you need to understand cex mechanisms, evaluate protocol security, or reference on-chain concepts.

0· 90·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (analyze cex operations, evaluate protocol security) align with the provided functionality: a small CLI that records, lists, searches, exports and configures local entries for analysis. No unrelated capabilities are requested.
Instruction Scope
SKILL.md instructs the agent to run scripts/script.sh with specific subcommands. The script only manipulates files under its DATA_DIR, shows stats, and formats exports; it does not read arbitrary system files, invoke remote endpoints, or access secrets beyond an optional CEX_DIR override.
Install Mechanism
There is no install spec and the repository includes a single bash script. Nothing is downloaded or extracted from remote URLs and no packages are installed by the skill.
Credentials
The skill requires no environment variables or credentials. It optionally respects CEX_DIR to change the data directory — that is proportionate to its purpose.
Persistence & Privilege
always is false; the skill writes only to its own data directory (default ~/.cex) and does not modify other skills or global agent configuration.
Assessment
This skill appears safe and self-contained, but review and consider these points before installing: (1) It stores all entries in plaintext under ~/.cex/data.jsonl (or the directory you set with CEX_DIR). Do not record secrets or private keys as entries. (2) The bundled script performs local file writes and uses standard POSIX tools (sed, grep, tail); ensure you trust running an unfamiliar shell script in your environment. (3) If you want to limit its scope, set CEX_DIR to a sandboxed directory or inspect the script contents first. (4) The script's JSON parsing is simple/fragile — it's a usability note rather than a security issue, but confirm exported data does not leak sensitive content before sharing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ff1bpsvydzfmq7y8q2ahw7x83agsg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments