Leviathan News
v1.0.1 · Crowdsourced crypto news API. Submit articles, comment, and vote to earn SQUID tokens. Human-curated DeFi news with token-aware tagging.
⭐ 1 · 1.8k · 0 current · 0 all-time
by @zcor · MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill is a crowdsourced news/curation API. Needing a wallet/address for identity is reasonable, but requiring direct access to WALLET_PRIVATE_KEY (declared as the primary credential) is not proportional to a news submission/voting API. A normal integration would use an external wallet or ask the user to sign messages locally rather than request the raw private key.
Instruction Scope
The SKILL.md describes a workflow where the user obtains a nonce and signs the message locally, explicitly warning 'Never transmit your private key.' However the skill metadata declares WALLET_PRIVATE_KEY as a required environment variable/primary credential. The runtime instructions do not show reading WALLET_PRIVATE_KEY from env, creating a conflict: either the skill expects the agent to possess the private key (dangerous) or the metadata is incorrect. This inconsistency is a red flag.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so there is no installer or downloaded executable to review. That reduces some attack surface compared to an installable package.
Credentials
Requesting a private key env var (WALLET_PRIVATE_KEY) is high-risk and not justified by the documented curl-based API usage. If provided, the agent could sign arbitrary authentication requests on behalf of the user, enabling account takeover or other unintended actions. The declared primary credential is overly broad for the stated purpose.
Persistence & Privilege
The skill is not marked always:true and is user-invocable, which is normal. However, because autonomous invocation (model-invocation enabled) is allowed by default, giving this skill a private key would significantly increase its potential impact — an autonomously-invoked skill with wallet signing capability has a larger blast radius. This combination should increase caution, though it is not itself proof of malice.
What to consider before installing
Do not place your real wallet private key in WALLET_PRIVATE_KEY for this skill unless you fully trust the publisher and have verified the code. The SKILL.md itself warns to sign locally, which is the safer approach — prefer using an external wallet or manual signing (copy/paste the signature) rather than giving the skill your private key. If you must use an automated agent, create and use a dedicated, empty/ephemeral wallet with no funds and minimal privileges. Ask the publisher to explain why WALLET_PRIVATE_KEY is required (and to provide source code you can audit). If you already provided a private key, treat it as compromised: move funds, rotate keys, and stop using the key. Consider declining or sandboxing the skill until the required-credential mismatch is resolved.
latest: vk97ac36ph7sg4sprvzf4r7fa0h80b5c9
Runtime requirements
🦑 Clawdis
Env: WALLET_PRIVATE_KEY
Primary env: WALLET_PRIVATE_KEY
