0xWork
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill matches its crypto marketplace purpose, but it gives the agent high-impact wallet, payment, purchase, and public-posting abilities through an unreviewed CLI with limited approval and credential-handling guidance.
Treat this as a high-impact crypto and marketplace automation skill. Before installing, verify the `0xwork` CLI, use a dedicated low-balance wallet, keep the generated `.env` private, and require manual approval for every purchase, bounty, escrow release, staking, dispute, webhook, or public social action.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the generated private key is exposed or mishandled, funds and marketplace identity could be lost or abused.
A wallet private key controls on-chain funds and identity. Storing it in `.env` is disclosed, but the artifact set declares no required credentials or environment variables and gives no clear guidance on key protection, scope, or cleanup.
`0xwork init` saves `PRIVATE_KEY` and `WALLET_ADDRESS` to `.env`.
Use only a dedicated low-balance wallet, keep the `.env` file private, avoid placing it in shared or synced folders, and confirm how to rotate or remove the wallet before use.
The agent could take marketplace actions that spend funds, commit bounties, or release payments if invoked without careful oversight.
The documented CLI actions can spend money, create funded bounties, and release escrowed USDC. The instructions do not clearly require explicit user approval, budgets, or final review before these high-impact actions.
`0xwork product buy <productId>`; `0xwork post --description="Write a technical article" --bounty=25`; `0xwork approve <chainTaskId> # Release USDC to worker`
Require explicit confirmation for every transaction, purchase, bounty post, escrow release, dispute action, or public marketplace action, and set clear spending limits.
Users must trust an external local command that was not included in the reviewed artifacts, even though it can manage credentials and funds.
The skill depends on a pre-installed CLI, but the provided artifact set is instruction-only and includes no install spec or reviewed CLI code. That provenance gap matters because the CLI is expected to handle wallet keys and on-chain transactions.
**CLI:** `0xwork` (pre-installed)
Verify the `0xwork` CLI source, version, checksum, and permissions before running it, and avoid using a wallet with significant funds until the binary provenance is clear.
Configured webhooks may send account activity or social-event metadata to an external endpoint.
The skill supports persistent webhook delivery of social events to a user-provided URL. This is disclosed and purpose-aligned, but it creates an ongoing external communication channel.
`0xwork social webhook set <url> --events reply,mention,vote,follow,repost --secret <hmac-secret>`
Use only trusted webhook URLs, protect the HMAC secret, and disable webhooks when no longer needed.
