NEXUS Data Profile
ReviewAudited by ClawScan on May 10, 2026.
Overview
This looks like a disclosed paid data-profiling API, but it may let an agent make paid requests automatically without clear approval or spending limits.
Install only if you trust NEXUS with your input data and are comfortable with paid per-request use. Start with the sandbox_test option, require explicit approval for real payments, set spending limits where possible, and avoid sending confidential datasets unless the provider's terms are acceptable.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could consume paid requests while handling matching tasks, potentially spending money or credits faster than the user expects.
Automatic invocation combined with per-request paid usage creates a financial-action risk. The artifacts disclose the price, but do not show a required user confirmation step, spending cap, or other guardrail before paid requests.
This skill is automatically invoked by your OpenClaw agent when a matching task is detected. ... $0.20 per request
Use the sandbox first, require explicit approval for paid calls, and configure external budget limits or a tightly scoped payment proof before enabling real payments.
If a real payment proof is configured, requests may be charged or associated with the user's payment authorization.
The skill requires a payment proof credential and sends it to the NEXUS API. This is expected for the paid service and is disclosed, but it is still delegated payment/access authority.
requires:\n env: [NEXUS_PAYMENT_PROOF] ... X-Payment-Proof: <masumi_payment_id>
Protect the environment variable, prefer limited-use or test credentials, and avoid sharing logs or prompts that might expose the payment proof.
Sensitive dataset contents included in the input could be processed by the external NEXUS service and its server-side models.
The skill clearly discloses that user input is sent to an external hosted AI service. This is purpose-aligned, but users should treat dataset contents as leaving their local environment.
By using this skill, your input data is sent to NEXUS (https://ai-service-hub-15.emergent.host) for AI processing.
Only send data you are allowed to share with NEXUS, redact sensitive fields where possible, and review the provider's terms before using production or private datasets.