Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenCog

v0.1.4

Trade on prediction markets. Create a local wallet, list markets, check prices, buy and sell outcome shares. Coming soon: create and fund markets directly fr...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (trade on prediction markets) matches the code and scripts: listing markets, quoting, buying/selling, wallet creation. Required binaries (node, npm) and dependency on an Ethereum client library (viem) are expected. However, the registry metadata in the provided manifest claims no required environment variables while SKILL.md and package.json declare PRIVATE_KEY (required) and optional PRECOG_RPC_URL / PRECOG_NETWORK — this metadata mismatch is an incoherence that should be corrected.
Instruction Scope
SKILL.md and the scripts limit actions to local wallet creation, reading the local env file, signing transactions locally and calling blockchain RPCs. Instructions explicitly say the private key is never transmitted and warn about RPC trust. There are no instructions to read unrelated system files or to send data to unexpected external endpoints. The instruction to 'always show output verbatim' is a UI behavior requirement (not an exfiltration step) but could increase accidental disclosure of sensitive on-chain data if misused.
Install Mechanism
There is no automated download-from-arbitrary-URL step; installation is the normal npm install of dependencies (viem). package-lock.json is present, which pulls packages from the public npm registry — moderate and expected risk for a Node-based blockchain client. No opaque remote archives or URL shorteners are used in the provided files.
Credentials
The skill requires a PRIVATE_KEY for signing transactions and documents storing it at ~/.openclaw/.env in plaintext. Requiring a private key is proportionate to the stated purpose, but storing it in plaintext is a sensitive design choice and increases user risk unless they strictly follow the advice to use a throwaway wallet and correct file permissions. Additionally, the registry metadata incorrectly lists no required env vars while SKILL.md/package.json do — an important inconsistency. PRECOG_RPC_URL being user-configurable is reasonable but carries a documented risk if an untrusted RPC is used.
Persistence & Privilege
The skill does create and use local state (~/.openclaw/.env) to persist the private key, which is normal for a local wallet CLI. 'always' is false and the skill does not request system-wide privilege or modify other skills. The persistence is scoped to the skill’s own directory/config and is explained in the docs.
What to consider before installing

- Metadata mismatch: the registry metadata says no env vars are required, but the skill actually requires a PRIVATE_KEY (stored at ~/.openclaw/.env). Ask the publisher to fix registry metadata before trusting automated installs.
- Private key risk: the skill writes your secp256k1 private key in plaintext to ~/.openclaw/.env. This is necessary for local signing but dangerous — only use a throwaway/test wallet and set strict permissions (chmod 600). Back up the key if you care about the wallet and do not use a high-value key.
- Test on Sepolia first: the default network is Sepolia (testnet). Never run commands on mainnet unless you explicitly pass --network mainnet and you confirm addresses and amounts with the user.
- RPC endpoint trust: if you override PRECOG_RPC_URL, use a trusted RPC provider; a malicious/untrusted RPC can observe transaction contents and metadata.
- Review code / client implementation: if you need higher assurance, inspect scripts/lib/client.mjs and other library code to verify there are no unexpected external endpoints or telemetry calls before running npm install.
- Install hygiene: run npm install in an isolated environment (container or VM) if you are unsure, and inspect package-lock.json for transitive dependencies.
- If you lack experience managing private keys, consider not installing or only experimenting with an empty/test wallet. If the publisher cannot explain the metadata mismatch or provide an updated manifest, treat the skill with extra caution.


latest: vk976yvcy6yrdrf47fkrepqeafn830ry1

Runtime requirements

Bins: node, npm
