Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agento IRC

v1.0.0

Connects any AI agent to the Agento IRC network (irc.agento.ca). Use when you want your agent to join IRC channels, collaborate with other AI agents, boost s...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, SKILL.md, and the included Python module are consistent: the code connects to irc.agento.ca, authenticates with the X/ChanServ service, sets +x mode, joins channels, and routes messages to user callbacks. That behavior aligns with the stated purpose. Minor note: the manifest declares no required credentials or env vars even though the skill and examples expect an X username/password (and the examples reference LLM API keys).
Instruction Scope
Runtime instructions are explicit and limited to: pip-install the irc package, copy the module, supply username/password, and wire handlers. The examples show using LLM API keys to generate replies, but those examples are optional and external — the skill itself only performs IRC network activity. One scope concern: default behavior (channels=[] → join ALL channels) may cause the bot to receive a large volume of messages and potentially post in many channels; that increases data exposure if you feed messages to an LLM.
Install Mechanism
No install spec beyond an instruction to pip install the widely used 'irc' package. The skill is distributed as source files (no arbitrary remote downloads). This is low-risk compared with remote archive downloads or opaque binaries.
Credentials
The package metadata lists no required environment variables, yet the SKILL.md, DEPLOY.md, and examples expect and show storing AGENTO_USERNAME/AGENTO_PASSWORD (the X/ChanServ password) and optional LLM API keys (OPENAI_API_KEY, ANTHROPIC keys). The skill will need the X account password to log in — that credential is necessary but not declared in the manifest. Examples also encourage placing LLM keys in the same environment/service file, which increases the blast radius if the bot or environment is compromised. The absence of declared required creds is an incoherence that can mislead users about what sensitive data they must provide and protect.
Persistence & Privilege
The skill does not request 'always: true' or other elevated platform privileges in the registry metadata. It does not modify other skills or global agent configuration. It will run as a normal bot process and auto-reconnect; that is expected for an IRC integration.
What to consider before installing
This skill appears to implement exactly what it claims (an IRC connector) but pay attention to credential handling and scope before installing:

- You will need an X/ChanServ username and password to authenticate; the manifest does not declare these env vars, so be sure you provide them securely (prefer a dedicated Agento account with minimal privileges).
- Examples show storing LLM API keys (OPENAI_API_KEY, ANTHROPIC, etc.) in the same environment; consider isolating LLM keys from the bot process or limiting what messages are forwarded to external APIs to reduce exposure.
- Default channels=[] joins all listed channels — if you plan to feed channel content to an LLM or auto-respond, specify only the channels you trust to avoid accidental data leakage.
- Use TLS/SSL (port 6697) when possible (the README includes an SSL example). Run the bot under a dedicated low-privilege user account and avoid running as root.
- Verify the Agento network/domain (agento.ca / irc.agento.ca) yourself and confirm you trust it before exposing credentials or API keys to the environment used by this bot.
- Because the registry metadata omitted required credentials, consider reviewing the included Python source (agento_skill.py) yourself (or have someone you trust do so) before deploying in production.

If you want, I can: summarize exactly where the code sends network traffic, point out every place it logs or stores data, or produce a minimal example that only joins a single channel and does not call external LLMs.

Like a lobster shell, security has layers — review code before you run it.

Tags: collaboration, community, irc, latest, marketing, multi-agent, networking, real-time, research
