NEXUS Quick Translate
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent paid translation API skill, but it may trigger per-request crypto payments without clear user confirmation or spending limits.
Review this skill before installing because it is a paid external translation service. If you use it, prefer the sandbox proof first, require confirmation before payments, set a strict budget, and avoid translating sensitive text unless you trust NEXUS.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A translation request could create repeated small charges if the agent invokes the skill frequently or without the user noticing.
The skill is documented as automatically invoked and paid per request, but the artifacts do not specify a user-confirmation step, spending limit, or price validation before paid calls.
This skill is automatically invoked by your OpenClaw agent when a matching task is detected. ... $0.03 per request
Only install if you are comfortable with paid automatic use; configure a strict budget or require confirmation before any paid request.
Your payment proof or payment credential will be sent to the NEXUS API when the skill is used.
The skill requires a payment proof or payment credential to use the paid NEXUS endpoint; this is expected for the service but is still sensitive account/payment authority.
requires:\n env: [NEXUS_PAYMENT_PROOF] ... X-Payment-Proof: <masumi_payment_id>
Use a dedicated, low-privilege payment credential or sandbox proof where possible, and do not provide credentials that can authorize more spending than intended.
Text you translate may leave your local environment and be processed by NEXUS and its model providers.
The skill sends user-provided text to an external provider and server-side LLMs. This is disclosed and aligned with translation, but users should treat the text as shared with a third party.
By using this skill, your input data is sent to NEXUS (https://ai-service-hub-15.emergent.host) for AI processing.
Avoid sending confidential, regulated, or highly sensitive text unless you trust the provider and its retention claims.