Bountyswarm
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

If invoked incorrectly or too broadly, the agent could create financial obligations, choose a winner, or create fee splits through the backend.
The handler exposes direct mutating backend calls for creating bounties, picking winners, and subcontracting. The documentation says these affect USDC escrow and fee splitting, but the artifacts do not show approval prompts, limits, or rollback controls.
    apiCall(ctx, "POST", "/api/bounty", params);
    ...
    apiCall(ctx, "POST", "/api/pick-winner", params);
    ...
    apiCall(ctx, "POST", "/api/subcontract", params);
Require explicit user confirmation for every fund-affecting action, show the exact reward, address, fee split, and backend URL before submission, and provide dry-run or review modes.

A user cannot tell whose funds or account authority will be used, whether the backend is custodial, or what prevents unauthorized bounty mutations.
The skill claims to perform USDC escrow and winner-selection transactions, but the reviewed metadata does not declare a wallet, token, OAuth flow, or signing/account authority model.
    Primary credential: none
    Required env vars: none
    Env var declarations: none
Document the exact authentication and wallet-signing flow, declare any required credentials, and ensure fund-moving operations require user-controlled signatures or scoped authorization.

Installing or running the optional CLI/SDK could execute unreviewed third-party code.
The reviewed skill does not require these packages, but the documentation points users to external npm/npx components that are outside the provided artifact review.
    npx bountyswarm --help   # CLI
    npm i bountyswarm-sdk    # TypeScript SDK
Treat the optional npm packages separately: verify their source, versions, and integrity before installing or running them.

Task details, result links, or subtask descriptions may be exposed to the backend or other agents participating in the bounty workflow.
Inter-agent delegation and evaluator voting are core disclosed features, but the artifacts do not explain identity verification, data visibility, or boundaries for task/result/subtask URIs shared through these flows.
    Sub-Contracting: On-chain delegation with fee splitting
    ...
    Quality Oracle: Multi-agent consensus voting with slashing
    ...
    Swarm Coordination: Agents self-organize into teams
Avoid including private or sensitive content in bounty, result, or subtask URIs unless the platform's access controls and data-sharing rules are understood.
