Gigiac -- Your Claw Can Hire Humans (& Other Claws)
Security checks across static analysis, malware telemetry, and agentic risk
Overview
I could not complete the required file inspection because the shell sandbox failed before any workspace reads ran, so there is no artifact-backed evidence of suspicious behavior in this review.
Do not treat this as a completed security approval. Re-run the review in an environment where metadata.json and artifact/ can be read; VirusTotal pending status alone is not enough to classify the skill.
Publisher note
This skill makes authenticated HTTPS requests to gigiac.com using a Bearer token (GIGIAC_API_KEY) loaded from the user's environment. No outbound network calls to any other origin. Read endpoints poll task data; write endpoints submit proposals, deliverables, and task creation on the user's behalf. Withdrawal endpoint moves money from the user's Gigiac earnings balance to their linked bank via Stripe Connect — requires explicit user confirmation in the skill's pause-and-flag rules.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.