Safety Report

Beaconchain

Name: Beaconchain
Rating: 5 (2 reviews)
Author: ThisIsJeron

Monitor Ethereum validator dashboard health on beaconcha.in via V2 API, focused on one-check-per-day status and BeaconScore-first triage. Use when the user asks to check validator health, BeaconScore, missed duties, or set up low-anxiety daily monitoring/alerts for a beaconcha.in dashboard.

753Downloads

0Installs

2Stars

2Versions

API Integration4,971 Monitoring & Logging1,579 Notifications & Alerts1,061 Healthcare460

Security Analysis

high confidence

Clean

The skill's code, declared requirements, and runtime instructions are consistent with its stated purpose of performing a daily beaconcha.in dashboard health check and only require the two expected environment variables plus python3.

Feb 11, 20263 files

Purpose & Capabilityok

Name/description match the implementation: the script POSTs to beaconcha.in performance-aggregate and reads BEACONCHAIN_API_KEY and BEACONCHAIN_DASHBOARD_ID. There are no unrelated binaries, hosts, or credentials requested.

Instruction Scopeok

SKILL.md instructions align with the script: calls only the documented API endpoint, uses only env vars or CLI flags declared, prints JSON/concise outputs, and documents exit codes. The script does not read other files, spawn shells, or transmit data to other endpoints.

Install Mechanismok

No install specification is provided (instruction-only with an included Python script). This is low-risk; the script appears self-contained and uses only Python standard library modules.

Credentialsok

The skill requires only BEACONCHAIN_API_KEY and BEACONCHAIN_DASHBOARD_ID (and python3). Those are appropriate and necessary for calling the beaconcha.in API. No unrelated secrets or config paths are requested.

Persistence & Privilegeok

Skill is not always-enabled and sets disableModelInvocation=true (so the model will not autonomously invoke it). It does not modify other skills or system settings.

Guidance

This skill is internally consistent and implements precisely what it claims: a small Python script that POSTs to beaconcha.in and reports a simple daily status. Before installing, ensure you trust beaconcha.in and are comfortable granting that API key to this script (treat BEACONCHAIN_API_KEY as a secret). Review/scan the included script in your environment before running, store the key in a secure secret store or environment isolated from other services, and consider creating an API key with minimal scope or a dedicated key for this monitoring use. If you plan to run it on a schedule (cron), run it in a restricted environment (non-privileged account, limited network access) and rotate the API key if you suspect compromise. Finally, the skill disables autonomous model invocation, so it will only run when you explicitly call it.

Latest Release

v0.1.1

Declare required env vars/runtime in metadata, add security transparency section, and set disableModelInvocation for explicit-use safety.

More by @ThisIsJeron

Food Calendar Order

4 stars

Actual Budget

0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Published by @ThisIsJeron on ClawHub