Rentahuman
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill matches its stated purpose, but it can use an API key to hire and coordinate people for paid real-world work, so users should review every paid or messaging action before allowing it.
Install only if you are comfortable letting the agent use RentAHuman for paid, real-world coordination. Keep the API key unavailable until needed, require a dry-run preview and explicit approval before posting bounties or accepting applicants, set budget and scope limits, and avoid sending unnecessary personal or location details.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an API key is available, the agent could post paid bounties or accept applicants, potentially committing the user to payments and real-world work.
The CLI directly performs authenticated bounty creation and application acceptance from JSON arguments. There is no code-level dry-run, user-confirmation gate, or spending limit before these high-impact marketplace actions.
async "create-bounty"(args) { const params = JSON.parse(args[0]); ... await authPost("/bounties", body) } ... async "accept-application"(args) { ... await authPatch(`/bounties/${params.bountyId}/applications/${params.applicationId}`, body) }Require explicit user approval before every bounty, message, and application decision; use dry-run previews and set clear spending, location, and headcount limits.
Anyone who obtains the API key or local identity file may be able to act as the agent for RentAHuman operations.
The skill stores a persistent signing private key locally and reads RENTAHUMAN_API_KEY for authenticated operations. This is purpose-aligned, but it is sensitive account and identity material.
const IDENTITIES_DIR = path.join(os.homedir(), ".rentahuman-identities"); ... privateKey: privDer.toString("base64") ... fs.writeFileSync(getIdentityPath(name), JSON.stringify(identity, null, 2), { mode: 0o600 }); ... return process.env.RENTAHUMAN_API_KEY || "";Protect the API key and ~/.rentahuman-identities directory, revoke keys when no longer needed, and avoid sharing logs or files that may contain credential material.
Task details such as addresses, package information, schedules, or personal requirements may be shared with the provider and prospective workers.
Conversation parameters supplied by the user or agent are sent to the RentAHuman API and then to humans on the marketplace. This is expected for the service, but it crosses an external communication boundary.
async "start-conversation"(args) { const params = JSON.parse(args[0]); ... const body = { ...params, agentType: params.agentType || "openclaw", agentId: id.agentId, agentVerification: verification }; ... await authPost("/conversations", body) }Review messages and bounty descriptions before sending, and include only the minimum personal or location information needed for the task.
Users have less provenance information for a skill that can initiate paid marketplace actions.
The runnable script is included and there are no external package installs, but the registry source is unknown. That provenance gap matters more because the skill handles paid-account authority.
Source: unknown ... No install spec — this is an instruction-only skill. ... Code file presence: scripts/rentahuman.mjs
Verify the publisher and homepage before use, and inspect the included script when granting an API key.