AICash Miner

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to perform AICash mining as described, but it installs always-on system services and stores an API key, so it needs careful review before use.

Review the scripts before installing. Only run this on a Linux system where you intentionally want a persistent miner, use a dedicated/revocable API key, verify the endpoint and wallet reward binding, start with one instance, and confirm you can stop and remove the created systemd services.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The miner may continue consuming compute, network, and electricity until the systemd services are explicitly stopped and disabled.

Why it was flagged

The setup creates services that auto-restart and are enabled immediately, so the miner can keep operating after the initial setup and across reboots.

Skill content

Restart=always
RestartSec=3
...
systemctl enable --now "${SVC_NAME}"

Recommendation

Install only if you intentionally want a persistent miner. Use a dedicated host or container, confirm the service names, and know how to stop, disable, and remove the systemd units.

What this means

A bad or excessive instance count could create many persistent services and cause resource exhaustion or hard-to-track system changes.

Why it was flagged

User-supplied instance count and service name drive protected systemd service creation, with no shown validation, cap, or confirmation boundary.

Skill content

for i in $(seq 1 "$INSTANCES"); do
  SVC_NAME="${NAME}"
  [[ $i -gt 1 ]] && SVC_NAME="${NAME}-${i}"
  
  cat > "/etc/systemd/system/${SVC_NAME}.service" << EOF

Recommendation

Use a small explicit instance count, avoid custom service names unless you understand systemd, and prefer a version that validates names and caps instances.

What this means

The AICash API key remains on the machine after setup and could be exposed if the host or generated file is accessed by others.

Why it was flagged

The user-provided API key is substituted into the generated miner.js file, creating a persistent on-disk credential copy.

Skill content

sed -i "s|__ENDPOINT__|${ENDPOINT}|g; s|__API_KEY__|${API_KEY}|g; s|__WALLET__|${WALLET}|g" "$INSTALL_DIR/miner.js"

Recommendation

Use a dedicated, revocable API key; restrict file permissions; rotate the key if uninstalling; and prefer secret storage via a restricted environment file rather than embedding credentials in generated code.

What this means

The registry metadata may not warn users or agents that the skill performs privileged Linux service installation and needs a credential.

Why it was flagged

The metadata under-declares important runtime requirements and sensitive setup behavior shown by the scripts, including Node/systemd-style execution, root paths, and API-key use.

Skill content

No install spec — this is an instruction-only skill. Required binaries: none. Primary credential: none. OS restriction: none.

Recommendation

Treat the skill as requiring manual review. The publisher should declare OS, required binaries, credential requirements, and privileged persistence behavior.

What this means

Users may assume the entered wallet controls rewards even though the provided request code does not visibly send it.

Why it was flagged

SKILL.md describes --wallet as the reward wallet, but the shown mining request sends only the block number and API key; the wallet may be bound elsewhere, but the artifacts do not show that.

Skill content

async function mineBlock(n) {
  return (await postJSON(CONFIG.endpoint, { 'x-agent-api-key': CONFIG.apiKey }, { block_number: n })).data;
}

Recommendation

Verify with AICash that the API key is correctly bound to your wallet before running the miner, and check initial rewards with a small test.