v1.1.0

NEXUS Multi Model

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:03 AM.

Analysis

This is a disclosed, remote, paid AI router, but it can be invoked automatically and uses payment/crypto flows without clear per-request approval or spending limits.

Guidance: Review before installing. Use the sandbox mode first, require confirmation for each paid request, set a budget or disable automatic invocation if possible, protect the NEXUS_PAYMENT_PROOF value, and avoid sending confidential prompts unless you trust NEXUS and its payment/privacy terms.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
README.md
This skill is automatically invoked by your OpenClaw agent when a matching task is detected. ... **$0.15** per request

Automatic matching combined with per-request pricing can create chargeable service use without the artifacts specifying per-call user approval, a spending cap, or rate limits.

User impact: The agent could consume paid requests when it decides a task matches this skill, potentially causing unexpected repeated charges.
Recommendation: Require explicit approval for every paid request, set a strict spending limit, and use the free `sandbox_test` mode until you are comfortable with the behavior.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown
Homepage: none

The registry metadata does not provide a source repository or homepage, which limits independent provenance review for a paid remote service.

User impact: Users have less registry-level information to verify who operates the service or to review its implementation and terms.
Recommendation: Verify the provider and service documentation independently before enabling paid use or supplying payment credentials.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
requires:
  env: [NEXUS_PAYMENT_PROOF] ... -H "X-Payment-Proof: $NEXUS_PAYMENT_PROOF"

The skill requires and forwards a payment proof credential to the NEXUS service. This is expected for the paid API, but it is still sensitive authority.

User impact: Anyone or any agent with access to that credential may be able to use your paid service entitlement or payment proof.
Recommendation: Use a scoped, revocable payment proof if available; do not provide wallet private keys or broad payment credentials; rotate the value if you suspect misuse.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
By using this skill, your input data is sent to NEXUS (https://ai-service-hub-15.emergent.host) for AI processing.

The skill clearly discloses that user prompts are sent to an external AI service for processing, which is purpose-aligned but affects privacy.

User impact: Sensitive prompts, confidential text, or private business data entered into this skill will leave your local environment and be processed by the provider.
Recommendation: Only send data you are comfortable sharing with NEXUS and its server-side model providers; avoid secrets or confidential content unless you trust the service terms.