Mine RustChain RTC tokens on real x86/ARM or vintage hardware by proving physical device control with the ClawRTC mining client.
Security Analysis
High confidence
The package largely implements the claimed miner, but there are inconsistencies: the coinbase auto-creation requires environment secrets not declared in metadata, the runtime sends identifying data (MACs, hostname, raw fingerprint samples) that SKILL.md downplays, and some metadata/links are inconsistent. The user should review endpoints and secrets before installing.
The code implements a RustChain miner and hardware-fingerprint checks which match the skill description, so purpose and capability mostly align. However the optional Coinbase integration expects CDP API credentials via environment variables (CDP_API_KEY_NAME, CDP_API_KEY_PRIVATE_KEY) but the registry metadata lists no required env vars or primary credential. Also multiple repository/explorer URLs in README/SKILL.md differ (hostname, IP, bottube.ai), and the package owner/registry homepage is blank — these metadata mismatches reduce trust.
SKILL.md describes the attestation payload as limited (CPU model, clock variance, cache profile, VM flags, wallet name). The actual miner attestation transmits MAC addresses, hostname, fingerprint_data (including sample previews / entropy stats) and device fields — more identifying information than the SKILL.md explicitly lists. The CLI and miner read many system paths and run commands (lscpu, ip/ifconfig, free, /proc files, sysctl), which is expected for hardware fingerprinting but broader than the simple summary in the docs. The coinbase flow requires environment secrets (checked at runtime) that were not declared in registry metadata.
This is an instruction-and-package distribution intended to be installed via pip (no additional install spec in registry). There are no external downloads at runtime claimed; bundled miner scripts are installed from the package. That is proportionate for a Python miner. The miner does perform network calls to a node URL (bulbous-bouffant.metalseed.net) during operation; there is no code-obfuscation or remote archive extraction in the package itself.
The package does not declare required environment variables in the registry, yet coinbase_wallet.py reads CDP_API_KEY_NAME and CDP_API_KEY_PRIVATE_KEY for auto wallet creation. The miner also reads standard environment keys to detect containerization (KUBERNETES, DOCKER, VIRTUAL) and writes wallet/config files to ~/.clawrtc. Asking for CDP private key material is sensitive and should be declared explicitly; omission is a red flag.
The tool creates a directory in the user's home (~/.clawrtc), a Python venv, saves wallet and coinbase files, and (per README/CLI hints) can create a user background service if requested. 'always' is false and autonomous invocation is default platform behavior. This level of persistence and privilege is expected for a miner, but the user should be aware that files will be added to their home directory and, optionally, a service registered with the user service manager.
Guidance
This package contains genuine miner code, but be cautious before installing. Things to check:
1) The Coinbase auto-create path expects CDP_API_KEY_NAME and CDP_API_KEY_PRIVATE_KEY environment variables (sensitive private key material), yet the skill metadata does not declare them; do not set private keys unless you trust the maintainer.
2) The runtime attestation transmits MAC addresses, hostname and fingerprint samples (potentially identifying); SKILL.md understates what is sent. If you care about privacy, run on an isolated test machine (not your primary machine) and use the --dry-run and --verify options first.
3) Verify the node endpoints (NODE_URL) and repository sources independently; node hostnames/IPs in README/skill differ and may be untrusted.
4) Inspect ~/.clawrtc after installation and avoid enabling the background service unless you accept persistent miner behavior.
5) Prefer installing from a verified source (official PyPI page or a cryptographically signed release on GitHub) and review the maintainer identity/contact.
If you want to proceed, consider using a sacrificial/air-gapped or VM host (not one with sensitive data) and do not export private keys into environment variables unless you fully trust the code and operator.
Latest Release
v1.5.0
Added Coinbase Agentic Wallet integration (create, show, link, swap-info), x402 payment protocol support, Base chain wRTC token awareness
Published by @Scottcjn on ClawHub