Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
aibtc
v1.0.7Manage aibtc-worker automation tasks. Use this skill when the user wants to start, stop, or check the status of the aibtc worker. Triggers include: "aibtc ru...
⭐ 0· 2.1k·4 current·4 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the implementation: handler.js maps run/stop/status to managing an aibtc-worker process. There are no unrelated required env vars or config paths. The runtime behavior (spawn a miner process, detect PID) is consistent with the documented purpose.
Instruction Scope
The instructions and handler spawn an npx process to fetch and execute the 'aibtc-worker' package, ignore its output, detach it to run in the background, and write a local state file (aibtc-worker.json). The code uses ps+grep to find processes and uses process.kill(-pid) (sending to a process group), and does not perform integrity checks on the fetched code or validate inputs. SKILL.md itself warns antivirus may flag npx fetching — the skill's runtime instructions include downloading and running remote code, which expands scope beyond many benign skills.
Install Mechanism
There is no bundled install spec, but handler.js executes 'npx --yes aibtc-worker ...' at runtime. Using npx fetches and runs code from the npm registry (network fetch + execute) without pinning a version or verifying source. This is effectively remote code execution and is high-risk (no pinned package/version, --yes suppresses prompts).
Credentials
The skill requests no environment variables or credentials, which is proportionate. However it writes the provided address to a local JSON state file in the current working directory (aibtc-worker.json) and leaves a detached miner process running that consumes CPU. The address and PID are stored unencrypted on disk — users should be aware of local persistence/privacy implications.
Persistence & Privilege
The handler detaches the spawned npx miner so it continues running after the agent exits. That gives the skill ongoing resource usage and persistence on the host. Combined with autonomous invocation (allowed by platform defaults), this increases blast radius: an agent could start a long-running miner without further prompts. The stop routine uses process.kill(-pid) which targets process groups and can be more disruptive than killing a single pid.
What to consider before installing
This skill will download and run an external npm package (aibtc-worker) at runtime and start a detached cryptocurrency miner that persists after the agent exits. Before installing, verify the upstream package and source code (inspect the GitHub repo and the npm package contents), prefer running it in an isolated VM or sandbox if you want to test, and do not run on systems with sensitive data or production workloads. If you must use it, check the package version, audit the code, and consider pinning a trusted release rather than allowing npx to fetch the latest unverified code. Be aware the skill writes a local state file (aibtc-worker.json) containing the address and PID and that killing uses process-group signals which can affect other processes.handler.js:23
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk975fk2fwpsxnpvhz6vxbjm0p98306a1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.