Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
NEXUS Multi Model
v1.1.0Routes prompts to the best AI model
⭐ 0· 268·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (route prompts to the best model) align with the instructions: the skill proxies requests to an external multi-model service and requires a payment proof. Requesting a payment proof (NEXUS_PAYMENT_PROOF) is expected for a paid API. Minor mismatch: SKILL.md lists version 2.0.0 while registry metadata shows 1.1.0, and README/tags include unrelated terms (e.g., 'health-monitoring') which reduces polish/trust but does not by itself indicate malicious intent.
Instruction Scope
Runtime instructions instruct the agent to send user input (prompts) to a third-party endpoint (ai-service-hub-15.emergent.host) and to include payment headers/credentials. They also describe posting signed Stellar XDRs to a sponsorship endpoint — a sensitive operation because signed XDRs are effectively authorizations on-chain. The skill does not ask for private keys, but the flow could lead users or agents to transmit signed transactions or long-lived payment credentials, which increases the risk of accidental exposure or misuse. The instructions otherwise do not reference unrelated files, shells, or system paths.
Install Mechanism
Instruction-only skill with no install spec and no files executed on disk. This is the lowest install risk — nothing is downloaded or installed by the skill itself.
Credentials
The skill requires a single env var (NEXUS_PAYMENT_PROOF) as its primary credential, which is proportionate for a paid API. However, a payment proof is sensitive and should be scoped and rotated. There are no other credentials requested. The absence of a homepage/source makes it harder to verify what that credential gives the service permission to do.
Persistence & Privilege
The skill does not request always:true and is not trying to modify other skills or system configuration. It is user-invocable and can run autonomously (platform default), which is normal.
What to consider before installing
This skill appears to do what it says (route prompts to a paid multi-model service) but exercise caution before installing: (1) verify the provider (ai-service-hub-15.emergent.host) and look for official documentation or a source repo — there is no homepage/source listed here; (2) treat NEXUS_PAYMENT_PROOF as a sensitive credential: use the minimum-privilege token possible and prefer short-lived/test tokens (the README mentions sandbox_test) while evaluating; (3) never share private keys or sign transactions on behalf of the skill — if asked to provide signed Stellar XDRs, ensure you understand exactly what you're signing and why; (4) test in sandbox mode first and monitor network/payment activity; (5) if you need stronger assurance, request the skill author/publisher identity, a homepage or audit, or use an alternative with verifiable provenance. If you cannot validate the service or the token scope, do not supply production payment credentials.Like a lobster shell, security has layers — review code before you run it.
aivk972trdfsv99t6g33x69cv2m2d84httwcardanovk972trdfsv99t6g33x69cv2m2d84httwlatestvk972trdfsv99t6g33x69cv2m2d84httwstellarvk972trdfsv99t6g33x69cv2m2d84httwx402vk972trdfsv99t6g33x69cv2m2d84httw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
⚡ Clawdis
EnvNEXUS_PAYMENT_PROOF
Primary envNEXUS_PAYMENT_PROOF