Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Musashi
v2.0.0
Conviction-weighted token intelligence. Analyze any token through 7 elimination gates, cross-domain pattern detection, and adversarial debate. Triggers on "a...
by Yeheskiel Yunus Tame (@yeheskieltame)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill is a local Go-based token analysis binary (musashi-core) that runs multi-gate checks and can publish STRIKEs on-chain. Required binaries and the Go build step align with that purpose. However, the declared required env vars include CONVICTION_LOG_ADDRESS and MUSASHI_INFT_ADDRESS even though SKILL.md states analysis (the primary user-facing mode) does not require a private key and therefore typically wouldn't need those on-chain addresses. That suggests the env var declaration is broader than strictly necessary for analysis-only operation.
Instruction Scope
SKILL.md instructs the agent to always ask explicit user confirmation before any on-chain publish and states 'MUSASHI never signs transactions autonomously.' That behaviour is a policy in the docs but not enforced by the binary: musashi-core exposes commands (strike, mint-agent, update-agent, store) that will sign/send transactions if OG_CHAIN_PRIVATE_KEY is present. The skill is marked disable-model-invocation: true (so it won't run itself), but if someone or some script runs the binary/commands with the private key set, on-chain actions will execute. The instructions also reference web browsing and agent-driven social checks — acceptable for the stated task but worth noting those steps imply network access and HTTP API calls.
Install Mechanism
Install builds the musashi-core binary from included Go source (go build ./scripts/musashi-core/cmd/musashi/). There are no external archive downloads or remote installers in the provided spec. Building local source is reasonable for this kind of tool, but it does mean arbitrary included code will be compiled and executed on the host — review source before building.
Credentials
Declared required env vars are OG_CHAIN_RPC, CONVICTION_LOG_ADDRESS, MUSASHI_INFT_ADDRESS. OG_CHAIN_RPC is reasonable for on-chain queries; the two contract addresses are required by code paths that perform on-chain reads/writes but are not strictly necessary for analysis-only runs (which the SKILL.md emphasizes). OG_CHAIN_PRIVATE_KEY is explicitly not required and is optional for publish mode — that is appropriate. Overall the number and types of env vars are mostly proportional, but requiring the two on-chain addresses for analysis mode is questionable and may force you to expose chain config you don't need for read-only analysis.
Persistence & Privilege
always:false and disable-model-invocation:true limit autonomous or forced inclusion. The skill does build a local binary, but it does not request permanent platform-level privileges. It does provide commands that can write to the chain if a private key is present; that is normal for a tool that can publish transactions, but you must control when the private key is provided and who can execute the binary.
What to consider before installing
Key things to check before installing and running:
- Review source before building. The repo includes full Go code that will be compiled into a binary; compile only after you (or someone you trust) inspects it.
- Do not set OG_CHAIN_PRIVATE_KEY in a global/shared config. If you want to enable publishing, use a dedicated, minimal-balance wallet (as SKILL.md recommends) and inject the private key only when you intentionally perform a publish action.
- Confirm whether you actually need to set CONVICTION_LOG_ADDRESS and MUSASHI_INFT_ADDRESS for your use case. The skill declares them as required, but read-only analysis should not require them — if you must set them, verify the addresses are correct and intended.
- Understand that the binary exposes explicit commands (strike, mint-agent, update-agent, store) that will sign/send transactions if a private key is present; the SKILL.md policy to ask for confirmation is a human/process control, not a programmatic guard in the binary.
- Because the tool makes many network/API calls (DexScreener, CoinGecko, DefiLlama, GoPlus, Farcaster optional), expect outbound network traffic — if you have network egress policies, review them.
If you want lower risk: run the built binary in a constrained environment (no OG_CHAIN_PRIVATE_KEY, network egress limited to required APIs) and exercise analysis-mode gates only. If you plan to enable publish functionality, perform an independent code review and use a dedicated signing wallet with minimal funds.
Like a lobster shell, security has layers — review code before you run it.
latestvk977a47bnvz5ft8cqmmxs1daq984d4d1
Runtime requirements
⚔️ Clawdis
Bins: musashi-core
Env: OG_CHAIN_RPC, CONVICTION_LOG_ADDRESS, MUSASHI_INFT_ADDRESS
Install
Build musashi-core binary
Bins: musashi-core
