Skill v0.1.1
ClawScan security
Aster Spot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 3, 2026, 10:00 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with a spot-exchange API client: its instructions describe authenticated and unauthenticated endpoints and HMAC signing, and it does not request unrelated credentials, installs, or persistent privileges.
- Guidance: This skill appears to be a straightforward API usage guide for the Aster spot exchange. Before using it, verify the API base URL (https://sapi.asterdex.com) is the official endpoint you intend to use. Never paste your secret API key into public chat or logs; use a dedicated API key with the minimum permissions you need (e.g., read-only if you only query market data). Prefer IP-restricted or test keys for experimentation. Note the manifest did not declare the API key/secret fields — expect to provide them interactively or via whatever secret mechanism your agent platform supplies. If you plan to let the agent act autonomously with this skill, create a low-permission key and monitor account activity (and consider disabling trading/withdraw permissions unless explicitly needed).
- Findings
- [no-findings] expected: The static scanner found no code to analyze because this is an instruction-only skill. That absence is expected; the SKILL.md and references are the security surface to review.
Review Dimensions
- Purpose & Capability
- note: The name/description (Aster Spot) matches the SKILL.md and authentication reference: this is a guide for calling Aster spot endpoints. One minor inconsistency: the manifest declares no required environment variables or primary credential, but the documentation clearly requires an API key and secret for authenticated endpoints. This is likely an authoring omission rather than malicious behavior, but users should expect to provide API key/secret at runtime.
- Instruction Scope
- ok: Instructions are scoped to making HTTP calls to https://sapi.asterdex.com and signing requests with HMAC-SHA256. They recommend using curl, jq, and openssl and give examples for bash and Python. The instructions do not ask the agent to read unrelated system files, exfiltrate data to other endpoints, or modify other skills. They do show examples that place API secrets into shell variables for signing — normal for an API client but requires caution by the user.
- Install Mechanism
- ok: No install spec or code files are included; this is an instruction-only skill. That minimizes disk-write risk, and there are no external downloads to evaluate.
- Credentials
- note: Authenticated endpoints legitimately require an API key and secret (HMAC signing). The skill does not request unrelated credentials, but the registry metadata did not declare the API key/secret as required environment variables or a primary credential. Users should treat the API key/secret as sensitive: supply minimal-permission keys, use IP whitelists if possible, and avoid entering a full-funding key.
- Persistence & Privilege
- ok: The skill is not always-enabled, has no install, and does not request persistent platform privileges or modify other skills. Autonomous agent invocation is allowed by default (normal), but nothing here amplifies that risk.
