Stove Public Api
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to be a small, read-only helper for querying public Stove market data over the network, with no credentials, persistence, or destructive behavior shown.
This looks reasonable for querying public Stove Protocol data. Before installing, note that it makes outbound network requests and only use trusted API base URLs; also be aware that the documented orderbook capability is not implemented in the included script.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make HTTP GET requests to the configured API host when using this skill.
The skill intentionally grants network access through a shell-run Python helper and allows overriding the API root. This is disclosed and aligned with querying a public API, but a custom endpoint should be trusted.
permissions: - network entryPoint: type: shell path: scripts/public_api.py ... - `--base-url`(可选):如传入,则覆盖上述 env 规则,使用自定义根地址。
Use the default production or documented test Stove endpoints unless you intentionally trust a custom base URL.