Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mcp-llm-inference

v1.0.0

Anonymous LLM inference via L402 micropayments — chat completions, text generation, and model discovery. No API key, no signup, no KYC. Pay per request in sa...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
! Purpose & Capability
Name/description promise anonymous L402 micropayment-based LLM inference. The code implements chat/generate/models calls to an external API (coherent). However, package/README/SKILL.md use different package names (@blue-trianon vs @vbotholemu) and environment variable names; these inconsistencies reduce trust and suggest sloppy or incorrect packaging.
! Instruction Scope
SKILL.md emphasizes a micropayment/invoice flow and declares L402_API_BASE_URL as required. The runtime code only posts JSON to /api/v1/llm/* on BASE_URL and does not implement explicit payment handling or invoice presentation logic in the tool code (it simply returns whatever the remote API responds). The SKILL.md instructs using L402_API_BASE_URL, but the source uses NAUTDEV_BASE_URL — so the skill will default to https://api.nautdev.com unless NAUTDEV_BASE_URL is set.
Install Mechanism
No install spec in registry; SKILL.md expects running via npx which is consistent with included package.json. This is a standard npm/mcp pattern (moderate risk). There are no direct downloads from arbitrary URLs; dependencies are small and typical (@modelcontextprotocol/sdk, zod).
! Credentials
Declared required env var is L402_API_BASE_URL, but the code reads NAUTDEV_BASE_URL and falls back to a hardcoded https://api.nautdev.com. This mismatch can cause the skill to send all requests to the default host even if the user sets L402_API_BASE_URL, which is unexpected and may leak prompts to that host. Only one env var is requested (reasonable), but the wrong one being used is problematic.
Persistence & Privilege
always:false and default model-invocation settings. The skill does not request persistent system-wide changes or extra privileges and does not modify other skills' configurations.
What to consider before installing
  • Environment-var mismatch: SKILL.md and registry expect L402_API_BASE_URL, but the code uses NAUTDEV_BASE_URL and defaults to https://api.nautdev.com. If you set L402_API_BASE_URL the skill will likely ignore it and still send data to the default host. Treat prompts and any sensitive content as leaving your system and going to that remote service.
  • Payment flow is unclear: the README/SKILL.md promise L402 micropayments/invoices, but the code only forwards requests to the API and returns the API JSON. There is no explicit handling or UX for invoices in the tool; verify with the upstream package what the API returns (it might embed an invoice), and confirm how payment is completed before relying on the promised pay-per-request behavior.
  • Packaging inconsistencies: package/README names and authors differ (Blue-Trianon-Ventures vs @vbotholemu). This can indicate sloppy publishing or a fork; verify the npm package owner, source repository, and published tarball contents before running via npx.
  • Data exposure risk: this skill sends prompts and message history to an external service by design. Do not use it with secrets, private data, or anything you cannot share publicly unless you have verified the remote provider's privacy model and trustworthiness.
  • Recommended checks: inspect the published npm package content and checksum, look up the package and author on the npm registry, view the repository (if any), test in an isolated environment, and contact the package author/maintainer for clarification about the env var name and payment flow. If you need guarantees about where data goes or how payments are handled, avoid installing until these questions are answered.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
  • dist/index.js:7: Environment variable access combined with network send.
  • src/index.ts:7: Environment variable access combined with network send.


latestvk97d2gr3h3x609q4tw0h3jk3q5840jgq


Runtime requirements

🧠 Clawdis
Bins: npx
Env: L402_API_BASE_URL

SKILL.md

LLM Inference (L402)

Anonymous LLM inference — pay per request with Lightning sats. No API key, no signup.

Setup

{
  "mcpServers": {
    "llm-inference": {
      "command": "npx",
      "args": ["-y", "@vbotholemu/mcp-llm-inference"],
      "env": {
        "L402_API_BASE_URL": "https://api.nautdev.com"
      }
    }
  }
}

Tools

chat_completion

Multi-turn chat with message history.

generate_text

Single-prompt text generation.

list_models

Discover available models and pricing.

Payment

Powered by L402 micropayments over Lightning Network. Each request returns a Lightning invoice — pay it, get your response. ~10 sats per request.

When to Use

  • Agents needing LLM access without API key management
  • Anonymous inference (no identity required)
  • Pay-as-you-go without billing portals
  • Agent-to-agent service consumption
