Philidor — DeFi Vault Intelligence
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: philidor Version: 0.1.1 The skill bundle provides instructions for an AI agent to interact with the Philidor DeFi intelligence CLI tool. All commands are legitimate calls to the `philidor` binary, and the installation process uses a standard Node.js package manager. The SKILL.md instructions are clear, focused on DeFi analysis, and do not contain any prompt injection attempts, instructions for data exfiltration, malicious execution, or persistence mechanisms. The use of the `PHILIDOR_API_URL` environment variable is for configuration, not exfiltration. All associated domains and package names are consistent with the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may install and run an external Philidor command-line tool on the user's machine.
The runtime functionality is delegated to an external npm CLI package. This is clearly disclosed and central to the skill's purpose, but it means installation depends on trusting that package provenance.
node | package: @philidorlabs/cli | creates binaries: philidor
Install only if you trust Philidor/@philidorlabs as a package source, and keep the CLI updated through normal package-management practices.