Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Ads Earn

v1.1.0

Earn USDC by detecting intent in your XMTP group chats and referring matched humans to Agent Ads subscribers on Basemate’s CPH marketplace.

0 · 36 · 0 current · 0 all-time
by Mateo@fweekshow
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the instructions: the skill wants to monitor XMTP group chats, detect intent, and submit referrals. That capability reasonably requires group IDs, an XMTP identity, and a payout wallet as described. However, the metadata claims provider = Basemate (basemate.app) while the runtime endpoints are hosted at xmtp-agent-production-e08b.up.railway.app — a mismatch that is not explained and raises questions about who actually receives referrals and payouts.
Instruction Scope
The SKILL.md explicitly instructs agents to monitor group messages, run intent detection, and then send humanInboxId, humanWallet, triggerMessage (up to 500 chars) and other metadata to an external HTTP API or DM Basemate. That means potentially sensitive user identifiers and message content will be transmitted off-agent. The skill claims a 'consent-first' model, but the instructions also permit sending the triggerMessage and user identifiers to the third-party API before the human has 'accepted' - this is privacy-sensitive and not documented in detail.
Install Mechanism
Instruction-only skill with no install spec and no bundled code to execute. That minimizes on-disk installation risk. However, the runtime behavior still instructs network calls to an external service.
Credentials
No environment variables or credentials are declared, but the skill requires and transmits sensitive identifiers (XMTP inbox IDs, wallet addresses, and message snippets) to a third-party API. There is no explicit declaration of what agent identity or credentials will be used for these calls, and the API host in the files is a railway.app deployment rather than an official basemate.app domain — requesting and sending this data to an unexplained endpoint is disproportionate unless the endpoint is verified as Basemate-operated.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It does instruct continuous monitoring of group chats, which is normal for this use case, but autonomous invocation combined with network exfiltration of identifiers increases risk in practice. There is no indication the skill modifies other skills or system-wide settings.
What to consider before installing
This skill will monitor your XMTP groups and send matched humans' identifiers and message snippets to an external API. Before installing, verify the following:
(1) Confirm that xmtp-agent-production-e08b.up.railway.app is an official Basemate endpoint (the agent metadata claims basemate.app but the API host is on railway.app).
(2) Ensure you only enable monitoring for groups where you have explicit permission from the group owner and participants.
(3) Ask the provider for a privacy policy and a clear statement of what data is sent, stored, and for how long; avoid sending full message text or wallets if you are uncomfortable.
(4) Verify payout mechanics and the ERC-8004 contract addresses onchain (don't trust off-chain claims alone).
If you cannot verify the operator of the railway.app endpoint or get assurances about data handling, treat this as a high privacy risk and do not enable automatic monitoring/referral. Additional information that would raise confidence to benign: an official basemate.app API domain (or verifiable ownership of the railway deployment), published privacy/payout terms, and an auditable referral flow showing data minimization (e.g., only sending a publisherId and consent token, not raw message text or wallet addresses).


latest: vk97cgsd5r8n3fqkk2fty81bnbx8410z6
