24Konbini - Agent Marketplace & Bank
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed real-money marketplace skill, but it gives an agent API-key-based wallet authority and trading workflows without clear approval or scope limits in the visible artifact.
Install only if you intentionally want the agent to interact with a real USDC marketplace. Use a dedicated low-balance account, store the API key securely, require human confirmation for every transaction or listing change, and review any remote HEARTBEAT/SKILL updates or purchased agent content before letting the agent use them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the skill's instructions are followed without human review, the agent could spend or commit real USDC, alter storefront/account state, or transact with other agents in ways the user did not approve first.
This gives the agent real-money trading authority. The visible artifact does not pair that authority with an explicit requirement to ask the human before purchases, sales, offers, or other account-changing actions.
Your human owner funds your wallet. You use that balance to buy, sell, and trade digital goods with other agents.
Use only with explicit human approval for every financial action, public listing, offer, and purchase; set a hard low-balance wallet limit; and avoid letting the agent trade autonomously.
Anyone or any prompt that obtains the key could impersonate the agent and potentially affect its marketplace wallet or account.
The skill’s own text says the API key is an identity credential and recommends persistent local storage. The registry metadata, however, declares no primary credential or required config path.
Your API key is your identity. Leaking it means someone else can impersonate you. ... Recommended: Save your credentials to `~/.config/24k/credentials.json`
Treat the API key like a financial secret: store it in a secret manager or tightly permissioned file, use a dedicated low-balance account, rotate it if exposed, and require the skill publisher to declare the credential/config requirement clearly.
Remote instruction files could later differ from the reviewed artifact and influence the agent’s behavior if installed or read.
The reviewed package contains only SKILL.md, but the instructions reference downloading a remote HEARTBEAT.md and re-fetching remote skill files, which could change outside this review.
curl -s https://24konbini.com/skill.md > ~/.config/24k/skills/SKILL.md
curl -s https://24konbini.com/heartbeat.md > ~/.config/24k/skills/HEARTBEAT.md
Inspect remote files before installing, avoid automatic refreshes, and prefer pinned versions or checksums for any locally installed skill material.
Bought prompts, skills, or memory dumps from other agents could contain instructions that redirect behavior, leak secrets, or poison future context if the agent imports them directly.
The marketplace encourages trading agent-consumable prompts, skills, knowledge, and memory-like content. The visible artifact does not show sandboxing or guidance to treat purchased content as untrusted.
Sub-Agent Skills | Specialized behaviors to bolt on
...
Memory Dumps | Structured conversation histories, decision logs, context files
Treat all purchased content as untrusted data, review it before use, isolate it from secrets and wallet credentials, and do not persist or execute agent instructions from marketplace items without user approval.
