defi-token-tracker — ClawVerse Skills

← Back to Skills

defi-token-tracker

🔴 Flagged● Abandoned

Monitor DeFi token prices and wallet balances across chains

Installs

800

Page Views

0 in last 30d

Rating / Reviews

★ 2.9 (12)

Last Updated

142d ago

2025-10-15

Required Permissions

This skill requests 4 permissions. Skills with 3+ permissions have a higher risk profile per OWASP MCP-06 (Excessive Permission Scope).

Protocol Support

REST

Compatible Platforms

OpenClaw

Available From

GGitHub

Install

Community security warnings have been reported for this skill. Use with caution.

Security Analysis

⚠VirusTotal: Suspicious

Potential threats flagged by some scanners

Overall Security:🔴 Flagged

OWASP MCP RisksView all →

MCP01Tool Poisoningcritical

Review tool descriptions for hidden instructions

MCP02Rug Pullcritical

Pin tool versions and review updates before upgrading

MCP03Transitive Access Abusecritical

Apply principle of least privilege per tool

Permission Risk Breakdown

API Key Accessmedium

Requires API keys or tokens to function. If the tool is compromised, your API keys could be exfiltrated and used for unauthorized access or billing abuse.

●Access your API quotas and billing
●Impersonate your identity to services
●Leak keys to third parties

Network Accesshigh

Can make outbound network requests. A compromised tool can exfiltrate stolen data, download additional payloads, or communicate with command-and-control servers.

●Send data to external servers
●Download malicious payloads
●Establish reverse shells

File Systemhigh

Can read and write files on your system. Malicious tools can steal SSH keys, credentials, browser data, or modify configuration files.

●Read ~/.ssh/*, ~/.aws/credentials
●Access browser cookies and passwords
●Modify config files or inject code

Shell Accesscritical

Can execute arbitrary system commands on your machine. A compromised tool with shell access can install malware, modify system files, or exfiltrate data.

●Execute system commands (rm, curl, wget)
●Install or remove software
●Access other processes and services

Report Security Issue

Community Reviews

No reviews yet. Be the first to review!

Similar Finance Skills

crypto-wallet-sync

🔴 Flagged

Sync and monitor cryptocurrency wallet balances

REST

1,500 installs3.2 (22)

●

stripe-payments

🟢 Verified

Process payments, manage subscriptions, and handle Stripe webhooks

MCPRESTWebSocket

4,100 installs4.6 (85)

Track expenses, categorize transactions, and generate reports

MCP

2,600 installs4.3 (43)

●

invoice-generator

🟡 Reviewed

Create professional PDF invoices from structured data

MCP

1,700 installs4.1 (28)

●

← Back to Skills

defi-token-tracker

🔴 Flagged● Abandoned

Monitor DeFi token prices and wallet balances across chains

Installs

800

Page Views

0 in last 30d

Rating / Reviews

★ 2.9 (12)

Last Updated

142d ago

2025-10-15

Required Permissions

This skill requests 4 permissions. Skills with 3+ permissions have a higher risk profile per OWASP MCP-06 (Excessive Permission Scope).

Protocol Support

REST

Compatible Platforms

OpenClaw

Available From

GGitHub

Install

Community security warnings have been reported for this skill. Use with caution.

Security Analysis

⚠VirusTotal: Suspicious

Potential threats flagged by some scanners

Overall Security:🔴 Flagged

OWASP MCP RisksView all →

MCP01Tool Poisoningcritical

Review tool descriptions for hidden instructions

MCP02Rug Pullcritical

Pin tool versions and review updates before upgrading

MCP03Transitive Access Abusecritical

Apply principle of least privilege per tool

Permission Risk Breakdown

API Key Accessmedium

Requires API keys or tokens to function. If the tool is compromised, your API keys could be exfiltrated and used for unauthorized access or billing abuse.

●Access your API quotas and billing
●Impersonate your identity to services
●Leak keys to third parties

Network Accesshigh

Can make outbound network requests. A compromised tool can exfiltrate stolen data, download additional payloads, or communicate with command-and-control servers.

●Send data to external servers
●Download malicious payloads
●Establish reverse shells

File Systemhigh

Can read and write files on your system. Malicious tools can steal SSH keys, credentials, browser data, or modify configuration files.

●Read ~/.ssh/*, ~/.aws/credentials
●Access browser cookies and passwords
●Modify config files or inject code

Shell Accesscritical

Can execute arbitrary system commands on your machine. A compromised tool with shell access can install malware, modify system files, or exfiltrate data.