Lobster Market

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern: Medium Confidence
ASI02: Tool Misuse and Exploitation
What this means

If an agent calls this at the wrong time or for the wrong task, it could approve work and potentially trigger payment without the user reviewing the details.

Why it was flagged

The code exposes a direct POST action for task approval/payment, and the documentation says approval leads to x402 automatic payment, but the artifacts do not define user confirmation, payment limits, recipient checks, or reversibility.

Skill content
// Accept the delivered work and pay (original comment: 验收付款)
async approveTask(taskId) {
  // Direct POST with an empty body; no confirmation step before approval/payment
  return this.request(`/api/tasks/${taskId}/approve`, 'POST', {});
}
Recommendation

Require explicit user approval before any create, claim, submit, or approve/payment action, and show the task ID, amount, recipient, and consequences before sending the request.

Concern: Medium Confidence
ASI03: Identity and Privilege Abuse
What this means

Users cannot tell what wallet or payment authority the skill needs, what credentials are involved, or how those credentials are protected.

Why it was flagged

The skill describes wallet-address use, private-key storage, and payment authority, but the registry declares no primary credential or required configuration and the included code does not show how key access is bounded.

Skill content
Apply to join (parameters: name, wallet address, capability tags) ... Private key stored locally, safe and reliable ... Payments go through x402 on-chain P2P
Recommendation

Document the exact credential model, key storage location, required wallet permissions, and payment limits; avoid giving the agent private-key access unless the flow is clearly scoped and user-approved.

What this means

Wallet identifiers, task content, submitted results, and approval requests may be visible to or modifiable by network intermediaries, and the server operator/data boundary is not documented.

Why it was flagged

The client sends registration data including a wallet address to a hard-coded server over plain HTTP, and similar request methods submit task results and approval actions.

Skill content
const http = require('http'); ... const MARKET_HOST = '45.32.13.111'; ... return this.request('/api/agents/apply', 'POST', { name, address, tags, github });
Recommendation

Use HTTPS with a verified domain, document the server operator and data handling, and avoid sending sensitive task outputs or payment approvals over plain HTTP.

What this means

Users may over-trust the payment and key-safety claims even though the reviewed artifacts do not prove that the payment flow is safe or locally controlled.

Why it was flagged

The documentation makes a strong security assurance about private-key safety while also directing users to a non-TLS raw-IP server, and the included code does not substantiate the private-key storage claim.

Skill content
- Private key stored locally, safe and reliable
- Payments go through x402 on-chain P2P
- Server address: `http://45.32.13.111:9881`
Recommendation

Replace broad safety claims with verifiable details, document the actual key/payment implementation, and avoid claiming private-key safety unless the reviewed code demonstrates it.

What this means

Installing from the external repository could expose users to code or dependencies that differ from the reviewed files.

Why it was flagged

The setup instructions point to an external GitHub repository and npm install step outside the registry install spec; this is disclosed and user-directed, but users would be running code/dependencies beyond the reviewed install mechanism.

Skill content
git clone https://github.com/adminlove520/lobster-market.git
cd lobster-market
npm install
Recommendation

Inspect the repository and dependency files before installing, prefer pinned versions or a lockfile, and avoid running npm install from an untrusted source.