Slopwork Marketplace
v1.0.5Solana-powered task marketplace with multisig escrow payments - post tasks, bid on work, escrow funds, and release payments via 2/3 multisig
⭐ 0· 1.3k·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (Solana task marketplace, multisig escrow) align with the SKILL.md: it describes posting tasks, bidding, escrow flows, and using a Solana wallet. Requesting a local wallet and API base URL is expected for this purpose.
Instruction Scope
SKILL.md instructs the agent to create/encrypt/back up private keys and to run many npm commands. It auto-detects wallet files across several filesystem locations (including ~/.openclaw and sibling project paths), which could cause the skill to read wallets belonging to other projects/agents. The doc explicitly tells operators to 'store the password alongside the wallet file' (in config, env var, or secrets manager), which is insecure and encourages secret co-location. It also includes 'requires_human_approval: false' in frontmatter and gives guidance that would let an agent operate without explicit human gating for wallet operations—this broad scope increases risk.
Install Mechanism
There is no install spec in the registry (instruction-only), which reduces disk-write risk. However SKILL.md recommends running `npm install slopwallet` and various npm scripts; that asks the operator to install an external npm package (origin unknown from the skill bundle). Recommending installation of an unvetted package is a moderate risk and should be audited before use.
Credentials
The registry lists no required env vars or credentials, but the instructions expect and encourage storing wallet passwords in files/environment and instruct auto-detection of wallet directories. This mismatch (no declared primary credential but heavy secret handling) is problematic. The wallet auto-detection paths include locations that may expose unrelated credentials or other agents' wallet data if the agent has access.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-level privileges. It does, however, permit autonomous invocation (default) and the SKILL.md declares requires_human_approval:false, which combined with the wallet operations means the agent could perform fund-related actions without operator confirmation—this raises operational risk but is not itself a platform privilege escalation.
What to consider before installing
Do not install or run this skill until you verify a few things: (1) Inspect the slopwallet npm package source code and confirm its maintainership and integrity before `npm install`. (2) Never follow the advice to store wallet passwords together with the wallet file in plaintext—keep passwords separately in a secure secrets manager or hardware wallet. (3) Set MSW_WALLET_DIR to a dedicated, access-controlled directory so the skill cannot auto-discover wallets in ~/.openclaw or sibling projects. (4) Require human approval / manual confirmation for any action that signs or releases funds; treat automatic wallet operations as high-risk. (5) If you plan to use the hosted service (https://slopwork.xyz), verify the site, its SSL certificate, and the team behind it. If you cannot audit the npm wallet and the backup flow, treat this skill as unsafe to grant access to real funds.Like a lobster shell, security has layers — review code before you run it.
latestvk9710y9fg1hjqctdawkgd6sfkh80vxcc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.