Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OK Computers + Ring Gates + Net Protocol

v2.2.0

Interact with your OK Computer NFT on Base blockchain for onchain messaging, posting, DMs, username and website management via signed transactions.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (onchain OK Computers + Ring Gates + Net Protocol) aligns with the code: reading channels, chunking/assembling data, building Bankr-compatible transactions, and a Net Protocol loader. However, the SKILL.md and README claim "no servers / no external dependencies" while several files call external services (api.bankr.bot and a JSONP relay at okc-relay.vercel.app). The skill registry metadata also declares no required env vars, yet the runtime instructions and multiple scripts require a BANKR_API_KEY to submit transactions. These contradictions are unexplained, and the undeclared external dependencies are disproportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read channels (ok) and to build and submit signed transactions via Bankr (which requires an API key). The included scripts (first-transmission.js, medina.js, net-loader.html) make outbound HTTP requests to third-party endpoints (the Bankr submit/sign endpoints and an external JSONP relay). net-loader explicitly uses JSONP to load a remote script into sandboxed pages, which introduces an external code-execution dependency and contradicts the "fully onchain/no servers" claim. The instructions also encourage submitting multiple onchain messages (with gas/cost implications), so the skill could automate many transactions if misused. Overall, the runtime instructions go beyond purely local computation and rely on undocumented external services.
Install Mechanism
There is no formal install spec in the registry (the skill is instruction-only), but the repository includes package.json and Node.js scripts that expect 'ethers' and standard Node tooling. No remote archive downloads or opaque installers are used. The primary installation step is 'npm install ethers' followed by running the provided JS files. Because there is no install spec, the agent/platform will not automatically fetch dependencies; the user (or agent) would install them manually. This is lower technical risk than arbitrary downloads but still requires care.
Credentials
The declared registry requirements list no env vars/credentials, yet SKILL.md and multiple scripts require BANKR_API_KEY for Bankr API calls (submit/sign). Requesting a Bankr API key (which likely authorizes onchain submits and signing) is reasonable for submitting transactions, but it is not declared in the skill metadata. That mismatch is a red flag: the skill needs a sensitive secret but does not advertise it. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request 'always: true' and does not attempt to modify other skills or system-wide agent settings. Agent autonomous invocation is allowed by default (disable-model-invocation: false) which is standard; there is no evidence the skill requests persistent privileged presence beyond its own code files.
Scan Findings in Context
[EXTERNAL_API_CALL_BANKR] expected: Code and SKILL.md call https://api.bankr.bot/agent/submit and /agent/sign and rely on X-API-Key (BANKR_API_KEY) to submit/sign transactions. This is expected for a skill that must relay signed onchain transactions, but the skill registry did not declare BANKR_API_KEY as a required environment variable.
[UNDECLARED_ENV_BANKR] unexpected: BANKR_API_KEY is referenced across scripts (first-transmission.js, SKILL.md examples) but the registry metadata lists no required env vars. That omission is an incoherence and increases risk because users may grant an API key without realizing the skill needs it.
[JSONP_RELAY_OKC] expected: net-loader.html calls an external JSONP relay at https://okc-relay.vercel.app/api/rpc to bypass iframe sandbox and fetch onchain data. Using a relay is functionally reasonable for a sandboxed client, but it is an external server that will receive RPC parameters and return executable JS (JSONP), which can execute arbitrary code in the page context — contradicts the skill's 'no servers' claim.
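Why the JSONP_RELAY_OKC finding calls the relay a code-execution dependency, as an added example that is not code from the skill or from ClawHub: a JSONP client loads the relay reply with a script tag, so the browser executes the whole reply as code with the callback in scope. The reply strings below are constructed, not captured relay output; `new Function` stands in for the browser evaluating the script body, and the "stolen" side effect is a placeholder for whatever a hostile or compromised relay would actually do.

```javascript
// Added example (not the skill's code): JSONP executes the reply; JSON.parse only reads it.

// Constructed: what an honest relay reply looks like for a JSON-RPC call.
const HONEST_JSONP = 'cb({"jsonrpc":"2.0","id":1,"result":"0x2a"})';
// Constructed: a tampered reply. It still calls the callback with a valid
// result, so the page sees nothing wrong, but the leading statement runs too.
const TAMPERED_JSONP = 'exfiltrated = "stolen"; cb({"jsonrpc":"2.0","id":1,"result":"0x2a"})';
// Constructed: the same data as plain JSON, which a fetch()-based client receives.
const HONEST_JSON = '{"jsonrpc":"2.0","id":1,"result":"0x2a"}';

// The JSONP pattern. new Function models the browser evaluating the
// <script src="...?callback=cb"> body: the entire response text executes.
function consumeAsJsonp(responseText) {
  let result = null;
  const cb = (reply) => { result = reply.result; };
  new Function("cb", responseText)(cb);
  // Any side effect the response planted is now visible to the page.
  const sideEffect = globalThis.exfiltrated ?? null;
  delete globalThis.exfiltrated; // tidy up so the demo can be rerun
  return { result, sideEffect };
}

// The alternative for a client that can make a cross-origin request (CORS on a
// relay you host, or a same-origin proxy): parse data, never execute it.
function consumeAsJson(responseText) {
  const reply = JSON.parse(responseText); // throws on anything that is not data
  if (reply.jsonrpc !== "2.0" || !("result" in reply)) {
    throw new Error("malformed JSON-RPC reply");
  }
  return reply.result;
}

console.log(consumeAsJsonp(HONEST_JSONP));   // { result: '0x2a', sideEffect: null }
console.log(consumeAsJsonp(TAMPERED_JSONP)); // { result: '0x2a', sideEffect: 'stolen' }
console.log(consumeAsJson(HONEST_JSON));     // 0x2a
try { consumeAsJson(TAMPERED_JSONP); } catch (e) { console.log("rejected:", e.name); } // rejected: SyntaxError
```

The point to take from the tampered case is that the caller cannot tell the difference: both replies hand back the expected result, and only the executed side effect distinguishes them. A sandboxed iframe that cannot use fetch() has no way to inspect the reply before it runs, which is why the report suggests hosting or auditing the relay yourself.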
What to consider before installing
This skill contains working code for reading and writing OK Computer data on Base and for a chunking/sharding protocol. However: (1) it uses external services, Bankr (api.bankr.bot) for submitting transactions and a JSONP relay (okc-relay.vercel.app) for loading onchain content, despite claiming "no servers." (2) Several scripts and the SKILL.md require a BANKR_API_KEY, but the skill metadata does not list any required environment variables; do not provide credentials until you understand what they authorize.
Before installing or running:
- Review package.json and the code (especially first-transmission.js, medina.js, net-loader.html) to confirm there are no additional hidden endpoints.
- If you need to submit transactions, prefer a limited/revocable Bankr API key, and avoid providing private wallet keys directly.
- Be cautious running scripts that will submit many transactions; they will spend gas. Test in read-only mode first (do not set BANKR_API_KEY) and run code in an isolated environment.
- If you plan to use net-loader, understand that the JSONP relay will receive your call parameters and return script that runs in the page; host your own relay or audit the relay's code if you need high assurance.
- Ask the skill author for an updated metadata manifest that correctly lists BANKR_API_KEY and documents the external relay endpoints and their privacy/security posture.
If you cannot verify those, treat the skill as suspicious and avoid giving credentials or running write/submit scripts.
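One way to do the "review the code for hidden endpoints" step and the manifest comparison mechanically, as an added example that is not code from the skill or from ClawHub: scan each file for environment-variable reads and outbound URL literals, flag files that do both (the scanner's "environment variable access combined with network send" pattern), and diff the env vars found against what the registry manifest declares. The file contents below are constructed stand-ins shaped like the skill's scripts (same endpoint hosts, same BANKR_API_KEY name), not copies of them; BASE_RPC_URL and mainnet.base.org in the medina.js stand-in are assumptions added to exercise the bracket syntax, and the empty DECLARED_ENV list models the report's statement that the metadata declares nothing. A real run would read the downloaded zip with fs instead of the inline map.

```javascript
// Added example (not the skill's code): find env reads + outbound hosts per file,
// and report env vars the manifest failed to declare.

// Constructed stand-ins for the skill's files, not the real contents.
const CONSTRUCTED_FILES = {
  "first-transmission.js": [
    "const key = process.env.BANKR_API_KEY;",
    'const res = await fetch("https://api.bankr.bot/agent/submit", {',
    '  method: "POST", headers: { "X-API-Key": key }, body });',
  ].join("\n"),
  "net-loader.html":
    '<script src="https://okc-relay.vercel.app/api/rpc?callback=load"></script>',
  "medina.js": // BASE_RPC_URL and mainnet.base.org are assumed, not from the skill
    'const RPC = process.env["BASE_RPC_URL"] || "https://mainnet.base.org";',
};
// Constructed manifest: the registry metadata declares no required env vars.
const DECLARED_ENV = [];

// Matches process.env.NAME and process.env["NAME"] / process.env['NAME'].
const ENV_RE = /process\.env(?:\.([A-Z0-9_]+)|\[\s*["']([A-Z0-9_]+)["']\s*\])/g;
// Matches http(s) literals; group 1 is the host.
const URL_RE = /https?:\/\/([a-z0-9.-]+)[^\s"'<>`]*/gi;

function envVarsIn(src) {
  const names = new Set();
  for (const m of src.matchAll(ENV_RE)) names.add(m[1] ?? m[2]);
  return [...names].sort();
}

function hostsIn(src) {
  const hosts = new Set();
  for (const m of src.matchAll(URL_RE)) hosts.add(m[1].toLowerCase());
  return [...hosts].sort();
}

function audit(files, declaredEnv) {
  const declared = new Set(declaredEnv);
  const perFile = {};
  const undeclaredEnv = new Set();
  const hosts = new Set();
  const envWithNetwork = [];
  for (const [name, src] of Object.entries(files)) {
    const env = envVarsIn(src);
    const fileHosts = hostsIn(src);
    perFile[name] = { env, hosts: fileHosts };
    for (const v of env) if (!declared.has(v)) undeclaredEnv.add(v);
    for (const h of fileHosts) hosts.add(h);
    // The scanner's pattern: a secret is read in the same file that talks to the network.
    if (env.length && fileHosts.length) envWithNetwork.push(name);
  }
  return {
    perFile,
    undeclaredEnv: [...undeclaredEnv].sort(),
    hosts: [...hosts].sort(),
    envWithNetwork: envWithNetwork.sort(),
  };
}

console.log(JSON.stringify(audit(CONSTRUCTED_FILES, DECLARED_ENV), null, 2));
```

On the constructed input this reports two undeclared env vars (BANKR_API_KEY and the assumed BASE_RPC_URL), three outbound hosts, and first-transmission.js and medina.js as files that both read a secret and reach the network. Anything the audit lists that the SKILL.md and manifest do not explain is exactly what to raise with the author before providing a key. A regex pass will miss URLs assembled at runtime, so treat an empty result as a reason to read the code, not as a clean bill.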
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
first-transmission.js:14: Environment variable access combined with network send.

