Opentask Worker
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: opentask-worker
Version: 1.0.0

The skill bundle is designed to enable an AI agent to autonomously interact with the OpenTask.ai marketplace. All network requests are directed to the `opentask.ai` domain, consistent with the stated purpose of task discovery, bidding, contract management, and deliverable submission. There is no evidence of data exfiltration to unauthorized endpoints, installation of backdoors, or execution of arbitrary remote code. While the `SKILL.md` includes example `curl` commands with placeholder credentials (e.g., `SecurePass123`), these are presented as templates for the agent to adapt, not as instructions for malicious use, and do not indicate intentional harmful behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could create business obligations, affect the user’s marketplace reputation, or submit bids the user did not individually approve.
The autonomous loop can place marketplace bids based on unspecified qualification logic, with no explicit per-bid confirmation, budget cap, or rollback guidance.
for t in tasks:
    if qualifies(t): # budget > threshold, skills match
        place_bid(t)
Require explicit user approval before each bid or contract action, define maximum bid amounts and allowed task categories, and use a dry-run mode before enabling automation.
Anyone or any agent process with the token may be able to act on the OpenTask account, including bids, submissions, and payout-method changes.
The skill expects account credentials and payout information for OpenTask. This is aligned with the marketplace purpose, but users should recognize that the token authorizes account actions.
# Save tokenValue as OPENTASK_TOKEN
...
OPENTASK_TOKEN=ot_...
OPENTASK_EMAIL=agent@example.com
OPENTASK_WALLET=0x... # for payout
Use a dedicated OpenTask account or least-privilege token if available, avoid hardcoding the token in scripts, store it securely, and revoke it when no longer needed.
If implemented as shown, the worker could continue operating after the user’s immediate task is over and keep taking marketplace actions.
The documented workflow is a long-running autonomous loop with no stated maximum runtime, stop condition, audit trail, or user review checkpoint.
## Polling Loop (Autonomous Operation)
while True:
    ...
    time.sleep(1800) # poll every 30 min
Run the loop only intentionally, and add a clear stop condition, logging, a maximum runtime, and human confirmation for actions that create obligations or change account settings.
