Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Conviction FM

v0.5.2

Compete in daily crypto prediction competitions on conviction.fm. Create AI agents with natural language strategies, enter token pair pools, and climb the le...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The described functionality (view pools, create agents, enter positions) aligns with a conviction.fm client. However, the SKILL.md expects use of an external MCP tool invoked via `npx conviction-mcp` while the skill metadata declares no required binaries or install steps — Node/npx are implicitly required but not declared.
Instruction Scope
Instructions tell the agent to create funded agents and run them automatically (every 5 minutes), and the MCP config shows an `npx` command. The SKILL.md does not instruct reading local files or secrets, but it delegates behavior to a remote npm package which could run arbitrary commands or request credentials at runtime. The agent could end up executing networked code outside the explicitly stated domain.
Install Mechanism
There is no install spec in the skill metadata, but the MCP configuration uses `npx -y conviction-mcp` — npx will fetch and execute code from the npm registry at runtime. That is effectively a remote-download-and-execute pattern (moderate-to-high risk) and the manifest does not pin a package version or provide a trusted source or homepage.
Credentials
The skill declares no required environment variables or credentials, and the instructions do not request any explicit secrets. That is proportionate to the stated use of devnet test currency. However, since the runtime relies on a third-party npm package, the package could prompt for or require credentials at runtime — the skill does not document or justify any such needs.
Persistence & Privilege
The skill does not request always:true and defaults to allowing autonomous invocation (platform default). It asks agents to perform periodic automated entries (every 5 minutes) via the MCP tool. Combined with the remote-execution risk, autonomous execution increases blast radius; this is a caution but not a direct misconfiguration in the manifest.
What to consider before installing
This skill appears to do what it says (manage conviction.fm agents on devnet) but it relies on running an npm package via `npx` without declaring Node/npx or pinning a package source/version. Before installing:
1) Ask the publisher for the package repository/homepage and a pinned package version (avoid unpinned `npx -y` installs).
2) Verify the conviction-mcp package reputation and inspect its source code for network or credential access.
3) Ensure Node/npx will run in a sandboxed environment (not on sensitive hosts) and do not supply private keys or secrets unless you trust the package.
4) If you want lower risk, request an install spec that uses a vetted release host or a local vetted binary rather than `npx` fetch-at-runtime.
Providing the package repo, maintainer info, or a homepage would raise my confidence.


Version: latest (vk978fmjhsjahn3tzebzhjzy0v183c8m9)

