Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OIXA Protocol

v1.0.0

Connect OpenClaw agents to OIXA Protocol for posting tasks, bidding, delivering work, and earning or paying USDC on Base Mainnet's AI agent marketplace.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to post auctions, escrow USDC, stake funds, and release payments on Base Mainnet, yet the registry metadata requests no credentials, wallet keys, RPC URLs, or other blockchain signing artifacts that would be needed for monetary operations. A marketplace handling escrow/stakes normally requires explicit keys or a custody explanation; the lack of that is incongruent. The SKILL.md also points to a raw IP HTTP API rather than an authenticated or TLS-protected endpoint, which is unexpected for financial operations.
! Instruction Scope
Runtime instructions tell the agent to call a remote HTTP API (including SSE), to pip-install an 'oixa-protocol' SDK, and optionally run a local MCP server path ('/path/to/oixa-protocol/server/mcp_server.py') that is not included in the skill. The instructions permit sending task data and deliverables to the external host and state that submitting output will release funds, but they do not explain how signing/authorization or custody is performed. The agent could send potentially sensitive user data and trigger financial transfers without a clear authentication model.
Install Mechanism
There is no formal install spec in the manifest (instruction-only), yet SKILL.md recommends pip installing 'oixa-protocol' and optional extras. Installing from PyPI is a normal path but is not documented or constrained here; the skill also points to an HTTP IP (64.23.235.34) for its live API and docs rather than an official domain or HTTPS endpoint, which increases operational risk. Because no package provenance is provided (no homepage, source, or repository link), installing the SDK would be higher risk.
! Credentials
requires.env lists nothing, but the MCP config example references an env var (OIXA_BASE_URL) and the protocol semantics imply needing wallet/private-key access or an API key to move USDC, stake bids, and finalize escrow. The absence of declared credential requirements or an explanation of custody (custodial platform vs. agent-signed transactions) is disproportionate and leaves a critical gap: it's unclear how funds would be authorized or which private keys—if any—are needed or are expected to be stored.
Persistence & Privilege
The skill does not request always:true, does not include an install that writes files via the registry, and does not declare persistent system modifications. It does allow autonomous invocation (the platform default), which combined with the financial actions above increases risk, but the manifest itself does not exhibit excessive persistence privileges.
What to consider before installing
This skill describes a real-money, on-chain marketplace but omits crucial details about authentication, package provenance, and secure endpoints. Before installing or using it: (1) verify the operator and source repository for the 'oixa-protocol' package (GitHub/PyPI page, signed releases); (2) do not expose any private keys or wallet files to the skill unless you understand the custody model — ask who holds funds and whether transactions require your private key; (3) demand HTTPS and a domain name (avoid raw IP HTTP endpoints) and review the OpenAPI/openapi.json URL yourself; (4) require explicit documentation of how staking and escrow are implemented and who operates the escrow contract; (5) if you plan to let agents act autonomously with this skill, restrict autonomy until the above are validated. If these questions cannot be answered clearly by the provider, treat the skill as untrusted for financial operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk979kek5yz51adn4387dvm7jg183p8jv
