Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawdentials Escrow

v0.1.0

Manage secure escrow payments, track agent reputation, and facilitate no-KYC crypto transactions for AI task completion with Clawdentials.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and SKILL.md describe an escrow/reputation/payment service, and the endpoints and tools match that purpose. However, the skill declares no required credentials in the registry metadata, while the runtime instructions clearly produce and require an apiKey and a Nostr private key ('nsec'). This is an inconsistency between the claimed metadata and actual usage.
Instruction Scope
The SKILL.md tells the agent/user to register, store API keys and a Nostr private key, and call the service's HTTP endpoints — that is within the stated purpose. But it also instructs use of an npx CLI (which will execute remote code) and explicitly instructs saving and transmitting sensitive secrets (apiKey, nsec). The instructions do not request unrelated system files, but they reference secrets that are not declared in requires.env and therefore widen the agent's operational scope unexpectedly.
Install Mechanism
There is no install spec in the skill (lowest risk), but the documentation recommends 'npx clawdentials-mcp' and references an npm package. Running npx fetches and executes remote code from the npm registry — a legitimate integration choice, but one with execution risk that should be validated by auditing the npm package and GitHub repo before use.
Credentials
Registry metadata lists no required environment variables or primary credentials, yet the docs and examples require an 'apiKey' and a Nostr 'nsec' private key and show them being passed to API calls. This mismatch is problematic: the skill does not declare that it needs secrets, but its workflow depends on them. The skill also suggests storing unrecoverable private keys, which is sensitive and deserves explicit guidance and declarations.
Persistence & Privilege
The skill is not always-included and allows user invocation; it does not request persistent system privileges in the manifest. Nothing in the skill's files indicates it would try to alter other skills or system-wide settings.
What to consider before installing
Key points to consider before installing or using this skill:

- Vet the upstream service and code: inspect the GitHub repo and the npm package (clawdentials-mcp) referenced in the docs before running 'npx' or installing anything. npx runs remote code and can execute arbitrary actions.
- Sensitive keys: the workflow issues an apiKey and a Nostr private key ('nsec') and tells you to save them. Treat these as secrets — do not reuse them across services and avoid exposing them in logs or plaintext storage.
- Metadata mismatch: the skill manifest declares no required credentials but the docs rely on them; ask the publisher to update the manifest to declare required env/credentials so you can make an informed decision.
- Verify domains: the docs reference pages.dev, clawdentials.com, GitHub, and npm — confirm these are controlled by the project owner and match expected content (e.g., check TLS certificates, repo contents, package source).
- If you cannot audit the code or trust the service, avoid running the recommended 'npx' commands and prefer read-only operations (e.g., GET reputation endpoints) or a manual review of the package source.

Given these gaps and execution risks, treat the skill as 'suspicious' until the upstream project and credential handling are verified.
