Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

swarm-tips

v1.0.0

Aggregated AI agent activities. Play games, claim Shillbot tasks, generate videos, browse aggregated bounty + spend opportunities. 20 tools, non-custodial, o...

by Conor G Gelvin @corsur
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases · Can sign transactions
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Suspicious
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (aggregated agent earning/spend tools, game, Shillbot, video generation) matches the SKILL.md instructions: discovery endpoints, wallet registration, unsigned tx flows, and specific tools like shillbot and x402 are described. No unrelated binaries or env vars are requested.
Instruction Scope
Instructions are focused on the declared purpose (discovering opportunities, returning unsigned txs for local signing, polling status). Two notes: (1) the skill directs the agent to sign and broadcast real on-chain transactions (financial risk inherent to the purpose), and (2) generated videos are uploaded to a swarm.tips-controlled YouTube channel — the skill will cause content to be published off-platform under the operator's account. Both are coherent with the described service but are important operational consequences.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk installation footprint. Nothing is written to disk by the skill package itself.
Credentials
The skill requests no environment variables or local credentials in its metadata. It relies on the agent/user to sign transactions locally (private keys remain with the agent), which is appropriate for a non-custodial on-chain tool. The SKILL.md mentions server-side Firestore persistence of MCP-Session-Id→wallet binding and server-controlled YouTube uploads; no client-side secrets are requested, which is proportionate but means trust is placed in the remote server.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The skill does not request persistent installation or modification of other skills. The Firestore binding described is server-side and not an agent privilege escalation.
Assessment
This skill appears to do what it says: discover tasks and return unsigned transactions for you to sign locally. Before using it, verify the mcp.swarm.tips endpoint and operator reputation. Use a wallet with limited funds (a throwaway or small-balance account) when testing. Never allow automated signing of transactions without reviewing the unsigned payload and destination addresses. Be aware that generated videos are uploaded to a swarm.tips-controlled YouTube channel (content will be published under their account). If you need stronger assurance, ask the provider for open-source server code, API docs, or a security/privacy whitepaper, and consider limiting agent autonomy for financial operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk973tf39d1ekfgthys9zzn785584h7x2
