Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Edge Router

v1.0.0

Route AI agent compute tasks to the cheapest viable backend. Supports local inference (Ollama), cloud GPU (Vast.ai), and quantum hardware (Wukong 72Q). Use w...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description match the SKILL.md: it routes tasks among local, cloud GPU, and quantum backends. However, the SKILL.md references specific providers (Ollama, Vast.ai, Wukong 72Q) but does not explain authentication, how it integrates with those providers, or why no credentials are required. It's plausible the router is a third-party aggregator, but the metadata gives no provenance or rationale for the lack of required credentials.
! Instruction Scope
The runtime instructions tell the agent to POST task payloads (including model/prompt) to an external API endpoint (https://edge-router.gpupulse.dev/api/v1 or localhost:3825). That means arbitrary task data — potentially sensitive prompts, files, or inference inputs — would be transmitted off-agent to an unverified third party. There are no instructions about consent, redaction, or any limits on what may be sent. The agent is given direct network I/O instructions to a domain of unknown trustworthiness, which is scope creep relative to a simple local router helper.
Install Mechanism
No install spec and no code files (instruction-only). That minimizes on-disk risk. However, the lack of installer also means all action is via network calls to an external service defined in SKILL.md, which retains a high runtime trust requirement even though install risk is low.
! Credentials
The skill declares no required environment variables or credentials. For a service that claims to route work to paid cloud/quantum backends, absence of any auth requirement is surprising. Either the aggregator handles billing (in which case you must trust it with all payloads and possibly account/billing info) or required credentials are missing from the spec. The lack of declared credentials increases the risk of unintended data exfiltration to an unauthenticated third party.
Persistence & Privilege
The skill is not marked 'always' and uses normal autonomous invocation defaults. It does not request to persist or modify other skills or system settings in the manifest. No privilege escalation signals in the provided metadata.
What to consider before installing
This skill asks your agent to send task payloads to an external API (edge-router.gpupulse.dev) even though the skill metadata provides no source, homepage, or authentication details. Before installing: (1) do not send sensitive prompts/data through it; (2) ask the publisher for source code, a privacy/security policy, and API docs showing authentication and billing flow; (3) prefer a self-hosted or auditable router if you must route confidential workloads; (4) if you try it, run it in an isolated environment and monitor outbound network calls; (5) if you cannot verify the operator or code, treat this skill as a potential data-exfiltration risk.

Like a lobster shell, security has layers — review code before you run it.
