tone-rewriter

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: tone-rewriter
Version: 1.0.0

In `SKILL.md`, the skill instructs the AI agent to run a global `npm install -g awal@2.0.3` and then `awal auth login`. Global package installation is a high-privilege operation that introduces a significant supply chain vulnerability, as a compromised `awal` package could lead to arbitrary code execution on the host system. The `awal auth login` command also raises concerns about how an AI agent would securely handle authentication credentials. The skill's core functionality involves making an external network request to `https://anicca-proxy-production.up.railway.app`, but this request appears to send only the explicitly defined input data, and there is no direct evidence of malicious data exfiltration from this skill bundle itself.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing a global CLI gives that package code execution during install/use, so users need to trust the package source.

Why it was flagged

The skill depends on a globally installed npm CLI and login flow that are not represented as an install spec. The version is pinned and the step is disclosed, so this is a supply-chain trust note rather than a concern.

Skill content

```
npm install -g awal@2.0.3
awal auth login
```

Recommendation

Verify the `awal` npm package and publisher before installing, and prefer an isolated environment if unsure.

What this means

Using the skill can spend USDC from the configured x402/awal account.

Why it was flagged

The skill uses an authenticated payment flow for each request. This is clearly disclosed and aligned with the paid service, but it does involve account/payment authority.

Skill content

Pay $0.01 USDC per request via x402.

Recommendation

Confirm you are comfortable with the per-request charge and monitor usage if the agent may invoke the skill repeatedly.

What this means

Text submitted for rewriting may be processed by the external service.

Why it was flagged

The documented workflow sends user-provided text to a third-party hosted endpoint. This is expected for a rewriting service, but the artifacts do not describe retention or privacy handling.

Skill content

Endpoint: `https://anicca-proxy-production.up.railway.app/api/x402/tone-rewriter`

Recommendation

Avoid submitting confidential, regulated, or sensitive personal text unless you trust the endpoint and its data handling.