ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AgentNet

v0.1.0

Agent-to-agent discovery network. Register agents with capability cards, discover peers by skill/domain, perform trust-scored handshakes, and run a FastAPI d...

0· 387·1 current·1 all-time
byCassh@cassh100k
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (agent discovery, registry, handshake, FastAPI server) match the included files and runtime instructions. The code implements registry, card, handshake, and server endpoints that correspond directly to the stated purpose. No unrelated credentials, binaries, or install artifacts are requested.
!
Instruction Scope
Runtime instructions tell the operator to launch a FastAPI server bound to 0.0.0.0 and to seed/register agents (the package also seeds a pre-registered 'Nix' agent on startup). The API is unauthenticated — endpoints allow register, deregister, status update, handshake, etc., without access controls. The SKILL.md and server make it explicit that the registry is intended to be public; while coherent with the stated goal, this has security implications (anyone who can reach the host can register/deregister or initiate handshakes). The skill also writes a local data/registry.json and includes contact fields that reference external URLs (these are only data fields, not outbound calls, but could encourage network interactions).
Install Mechanism
This is instruction-only in the registry (no install spec). The package includes Python source files that run in-place; there is no download-from-URL, no archive extraction, and no package manager installs specified by the skill itself. Dependencies are standard Python packages (FastAPI, uvicorn, httpx, pydantic) declared in clawpkg.yaml, which is proportionate to running a Python web service.
Credentials
The skill declares no required environment variables or credentials. The code supports optional AGENTNET_HOST/PORT/AGENTNET_DATA_DIR, which are appropriate for a network service. There are no unrelated secrets or config paths requested. (Note: the package seeds a card with metadata including host/model strings and a 'session_key' field stored in registry.json — these are data fields, not secrets requested as env vars.)
Persistence & Privilege
always is false (no forced global inclusion). The server creates/writes data/registry.json in the package directory (normal for this service). The skill can be run as a long-lived network service and will accept unauthenticated requests from the network — this is expected given the 'public discovery' design but increases blast radius if exposed to untrusted networks. The package seeds its own agent ('Nix') into the registry on startup (local write).
Assessment
This package does what it says: it runs an agent registry, supports card exchange and handshakes, and will write a local data/registry.json and seed a pre-registered agent. Before running it, consider: - The HTTP API is unauthenticated: anyone who can reach the host can register, deregister, update status, or initiate handshakes. Do not bind to 0.0.0.0 or expose to public networks without placing it behind authentication/firewall/reverse proxy. - The package seeds a pre-registered 'Nix' agent with contact metadata (including an external api URL and a session_key field) — inspect and remove or sanitize seeded entries if you don't want those present. - The server stores agent contact fields (which may contain external URLs). The code does not make outbound HTTP calls itself, but other agents discovered by the registry could instruct or direct your agent to contact external endpoints — treat registrations from untrusted agents carefully. - Running tests and the server will write data/registry.json in the package workspace; back up or review the file if you care about sensitive info. If you plan to deploy this in production, add authentication, transport encryption (TLS), rate limits, and storage isolation before exposing it to untrusted networks.

Like a lobster shell, security has layers — review code before you run it.

agentsvk976dq6zc29tnwa9hc9v1sjdyx81vhepcollaborationvk976dq6zc29tnwa9hc9v1sjdyx81vhepdiscoveryvk976dq6zc29tnwa9hc9v1sjdyx81vheplatestvk976dq6zc29tnwa9hc9v1sjdyx81vhepnetworkvk976dq6zc29tnwa9hc9v1sjdyx81vhep

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments