Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Blockchain & DID

v1.0.1

Decentralized identity (DID) management, on-chain KYC status, and membership tiers with token staking.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The skill's name and description line up with the listed REST endpoints (DID, KYC, membership/staking). However, all endpoints are marked 'Requires auth' while the registry only declares AIOT_API_BASE_URL (a URL) as the required environment variable and as the primary credential. Expectation: a DID/KYC/staking integration should declare how auth is supplied (API key, bearer token env var name, OAuth flow, or platform session). Marking a URL as the primary credential is incoherent.
Instruction Scope (flagged)
SKILL.md gives clear endpoint flows and sensible runtime rules (e.g., ask for PINs, don't persist secrets). But it repeatedly requires authenticated requests and instructs the agent to 'verify the session has a valid bearer token' without specifying how to obtain or where to store that token. The default base URL points to a development hostname (payment-api-dev.aiotnetwork.io), which is unusual for a published skill and may cause unexpected behavior if used in production.
Install Mechanism
This is an instruction-only skill with no install specification and no code files; there is no filesystem install activity. That lowers supply-chain risk.
Credentials (flagged)
Only AIOT_API_BASE_URL is required, but the runtime requires authentication for every endpoint. There is no declared env var for an API token, client secret, or other credential names (e.g., AIOT_API_KEY, AIOT_BEARER_TOKEN). This gap is disproportionate and ambiguous. Also, marking a URL as the 'primary credential' is misleading.
Persistence & Privilege
The skill does not request persistent/always-on inclusion and does not declare modifications to other skills or system settings. It explicitly advises not to log or cache secrets, which is appropriate. Autonomous invocation is allowed by default (not flagged here), but should be considered in user guidance given other concerns.
What to consider before installing
Do not install or grant credentials to this skill until the author clarifies authentication and the endpoint. Specific checks to request or perform before using:
(1) Ask the publisher for a verifiable homepage, documentation, and a production API base URL (not a -dev host).
(2) Ask which auth scheme is required and which exact environment variable name(s) you must provide for bearer tokens or API keys. Prefer short-lived, scope-limited tokens if you must provide credentials.
(3) Verify the owner identity and why a dev hostname is embedded in the skill.
(4) If you test it, run it in a constrained sandbox and monitor API logs for unexpected calls.
(5) Avoid dropping long-lived credentials into the agent; never provide secrets unless you understand where they will be used/stored.
If the publisher cannot provide clear answers and a production URL, treat the skill as untrusted.




Runtime requirements

Env: AIOT_API_BASE_URL
Primary env: AIOT_API_BASE_URL
