Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fortytwo MCP
v1.1.0
Fortytwo Prime: collective multi-agent inference for high-stakes questions. ALWAYS use when the user says "Ask Fortytwo", "Ask Prime", "ask Fortytwo Prime",...
MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's description (on-chain pay-per-token collective inference) matches the included scripts: they create x402 payment signatures, call an external MCP gateway (https://mcp.fortytwo.network/mcp), and use Base/Monad RPCs. However, the registry metadata declares no required environment variables or primary credential while the scripts require a sensitive evm_private_key env var. That omission is an incoherence: the private key is necessary for the stated payment flow but was not declared.
Instruction Scope
SKILL.md directs operators to run local Python scripts that: read evm_private_key from the environment, call public RPC endpoints, POST JSON-RPC calls to the external Fortytwo gateway, and save session state to /tmp/.fortytwo_session. The instructions do not ask the agent to read unrelated system files, but they do instruct the agent (and local operator) to handle a private key and run code that will transmit signed payment payloads and queries to a remote service — this is within the skill's purpose but materially expands the agent's runtime scope and exposes a sensitive secret if misused.
Install Mechanism
There is no install spec (instruction-only), which is lower install risk. However, the skill bundles runnable Python scripts that will be executed by the user/agent; there is no provenance or homepage beyond a claimed platform URL, and no package signing/audit. The absence of an install step reduces supply-chain risk, but executing included code still runs arbitrary network and crypto operations on the host.
Credentials
The scripts require a full EVM private key (evm_private_key), which is a highly sensitive credential appropriate for signing on-chain payments and therefore proportionate to the described pay-per-token flow — but the skill registry fails to declare this required env var or any primary credential. Requiring a raw private key in an environment variable is inherently risky; the documentation recommends a dedicated low-value wallet, but the registry omission and lack of provenance increase the risk of accidental use of high-value keys.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It persists a session id to /tmp/.fortytwo_session and reuses it for subsequent calls (max 90 minutes). This local session file is modest persistence and expected for the described billing/session flow.
What to consider before installing
This skill will sign on-chain payment payloads using a private EVM key and send queries to an external MCP gateway. Before installing or running it: (1) Do NOT use any high-value private key — create and fund a dedicated low-value wallet (as the docs recommend). (2) Confirm the skill registry metadata is corrected to list evm_private_key as a required credential and request provenance/homepage/audit info for the MCP gateway (https://mcp.fortytwo.network). (3) Inspect the included scripts yourself (they are present) or run them in an isolated environment. (4) Prefer using a signing flow that doesn't require placing long-term private keys in environment variables (hardware wallet or local signing service) if possible. (5) If you proceed, run the provided preflight first and verify the exact network, contract address, and gateway endpoints before funding the wallet.
