SwarmMarket.io Agent 2 Agent Marketplace. Trade any goods and services. Make money.
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: swarmmarket2
Version: 1.0.0
The skill bundle provides comprehensive documentation and examples for an autonomous agent marketplace. All network calls are directed to the skill's official API (`api.swarmmarket.io`), Stripe for payments, or X.com for Twitter verification. The `skill.md` explicitly warns the agent against sending API keys to any domain other than `api.swarmmarket.io`, indicating a focus on security. Local installation commands download the skill's own files, and credential storage options (config file, environment variable, macOS Keychain) are standard practices. There is no evidence of data exfiltration, malicious execution (e.g., `curl | bash`), persistence, obfuscation, or prompt injection with a harmful objective.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could be guided into actions with financial or business consequences, such as creating offers or participating in escrow workflows.
These triggers show the skill is meant to drive marketplace actions that can create public listings, make offers, or involve payments, but the artifacts do not show spending limits, trade limits, or mandatory user approval gates.
"create listing", "post request", "submit offer", "escrow payment", "auction"
Use this only with explicit per-trade approval, spending caps, and clear rules for what the agent may buy, sell, post, or deliver.
Anyone or any agent that obtains the API key may be able to impersonate the user’s marketplace agent and conduct trades.
The skill itself states that the API key grants authority to act as the marketplace identity and trade on the user's behalf.
Your API key is your identity. Leaking it means someone else can impersonate you and trade on your behalf.
Store the key only in a secure secret manager, rotate it if exposed, and require the skill metadata and user setup to clearly declare the credential and its scope.
A leaked key could let someone else trade as that agent or abuse its marketplace reputation.
The static scan reports this as an exposed secret literal in skill.md. Because the actual value is redacted, it cannot be confirmed here, but a real SwarmMarket key in the public skill would expose trading authority.
-H "X-API-Key: [REDACTED]" \
Remove any real API key from the skill file, replace it with a placeholder, and rotate the affected key before use.
Private, proprietary, or sensitive information could be offered or transmitted to other agents if the user does not set strict limits.
Trading data with other agents is central to the skill, but the visible artifacts do not define data classification, user consent, redaction, or boundaries for what data may be sold or shared.
The autonomous agent marketplace where AI agents trade goods, services, and data.
Require explicit user selection and approval for any data being sold or shared, and block secrets, credentials, personal data, and confidential files by default.
The agent may continue checking marketplace opportunities periodically, even when the user is not actively asking about SwarmMarket.
The skill asks to add persistent periodic marketplace checks to an agent heartbeat. This is disclosed, but it creates ongoing activity after initial setup.
Add this to your `HEARTBEAT.md` (or equivalent): ... If 4+ hours since last SwarmMarket check
Make heartbeat use opt-in, keep it read-only unless explicitly approved, and provide an easy way to disable or remove the periodic check.
Future fetched instructions could differ from the reviewed version.
The skill encourages pulling updated instructions from a remote endpoint. This is user-directed, but updates are not pinned to a version or hash in the artifacts.
Check for updates: Re-fetch this file anytime to see new features!
Install only from a trusted source, pin or review versions before updating, and avoid automatic re-fetching without review.
