← 返回 Skills 市场

Crypto Scam Red Flags

Name: Crypto Scam Red Flags
Author: harrylabsj

作者 haidong · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install crypto-scam-red-flags

功能描述

A scam-screening skill that reviews offers, messages, or influencer claims and points out concrete red flags. Use when the user receives a suspicious offer,...

使用说明 (SKILL.md)

crypto-scam-red-flags

A scam-screening skill that reviews offers, messages, or influencer claims and points out concrete red flags.

Workflow

Take the pasted message, offer text, DM, or campaign description.
Look for urgency, guaranteed returns, impersonation, fake support behavior, secrecy, wallet-drain patterns, or emotional manipulation.
Classify the situation: likely scam, suspicious, unclear, or low-obvious-risk.
Explain why each red flag matters.
Give the safest next step: do not click, verify independently, or walk away.

Output Format

Risk verdict
Red flags found
Why they matter
Safest next action
What not to share or sign

Quality Bar

Uses evidence from the supplied text, not vague fear.
Stays practical and protective.
Makes the user safer even when certainty is impossible.
Avoids false confidence like "100% safe."

Edge Cases

Some real promotions look spammy; say when independent verification is still needed.
Cannot inspect links, smart contracts, or domains in real time.

Compatibility

Best with pasted text or manually transcribed screenshot content.
Prompt-only, strong complement to wallet safety education.

安全使用建议

This skill's description and SKILL.md look appropriate for scam screening, but handler.py contains a hard-coded local file read of /Users/jianghaidong/.openclaw/skills/{skill_name}/SKILL.md which is unnecessary and inconsistent. Before installing or enabling autonomous invocation: (1) ask the author why the handler reads that path and request removal or replacement with a safe, relative/resource-based read, (2) review or run the handler.py in a sandbox to confirm it doesn't exfiltrate or read unexpected files, and (3) avoid installing it on systems with sensitive local data until the file-access behavior is corrected. If the author cannot justify or fix the hard-coded path, treat the skill as untrusted.

功能分析

Type: OpenClaw Skill Name: crypto-scam-red-flags Version: 1.0.0 The handler.py file contains a path traversal vulnerability in the _load_skill_meta function, which uses an unsanitized skill_name input to read files from the local filesystem. Furthermore, the code contains a hardcoded absolute path to a specific user's directory (/Users/jianghaidong/), which is highly irregular for a portable skill. While there is no explicit logic to exfiltrate the read data, these implementation flaws provide a mechanism for unauthorized file access.

能力标签

cryptorequires-walletrequires-sensitive-credentials

能力评估

⚠ Purpose & Capability

The skill claims to be prompt-only and to work from pasted text; it does not need to access the local filesystem. Yet handler.py calls _load_skill_meta which opens /Users/jianghaidong/.openclaw/skills/{skill_name}/SKILL.md — a hard-coded user-home path. Reading arbitrary local files is not justified by the scam-screening purpose and is disproportionate.

⚠ Instruction Scope

SKILL.md describes a prompt-only workflow and does not instruct reading local files. The handler code contradicts that by attempting to read a SKILL.md from a specific local path. That is scope creep: the runtime behavior (file I/O) is not documented in the skill instructions.

✓ Install Mechanism

There is no install spec and no downloads or external installers. No additional packages or network installs are requested, so the install mechanism itself is low-risk.

⚠ Credentials

The skill declares no required env vars or credentials (appropriate), but the code accesses a hard-coded filesystem path in the user's home. Access to local files was not declared and is not proportional to the stated purpose.

✓ Persistence & Privilege

The skill is not always-enabled and does not request persistent privileges or modify other skills. Autonomous invocation is allowed by default (normal), and there is no evidence it writes system-wide config.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install crypto-scam-red-flags
安装完成后，直接呼叫该 Skill 的名称或使用 /crypto-scam-red-flags 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release — screens crypto-related messages for scam red flags. - Reviews offers, DMs, and claims, highlighting specific warning signs like urgency, guarantees, impersonation, and secrecy. - Provides a risk verdict, explains detected red flags, and recommends the safest next action. - Outlines what sensitive information not to share or sign. - Ensures suggestions are evidence-based and focused on user safety. - Stresses caution, never promising any message is "100% safe."

元数据

Slug crypto-scam-red-flags

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题