Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Netfluid

v7.0.5

Enables AI agents to process fiat and crypto payments, manage accounts, and handle multi-currency transfers via Netfluid.

1 · 70 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The skill's purpose (fiat/crypto payments, onboarding, on-ramps/off-ramps) matches the SKILL.md actions (create wallets, KYC, transfers). However, the package metadata declares no required credentials or primary API key while the instructions clearly rely on API keys, tokens, and handling of PINs/secrets. That missing declaration is disproportionate for a payments integration and breaks coherence.
Instruction Scope
SKILL.md contains detailed runtime instructions for onboarding humans and agent wallets, creating virtual accounts, initiating cross-chain and fiat transfers, and handling KYC (ID scans/selfies). These actions are within the stated domain, but they involve PII, user-supplied PINs/secrets, and real-money operations. The instructions are prescriptive about storing/returning api_key and session_token and require sending SOL; they do not clearly specify how credentials, KYC data, or funds confirmations are validated/stored, which is a privacy and operational risk.
Install Mechanism
No install spec and no code files are included; SKILL.md is instruction-only. This reduces supply-chain risk because nothing is downloaded or executed locally by the installer. However, absence of code means network calls and credential handling would be done by the hosting platform/agent runtime—verify how the platform implements those calls.
Credentials (flagged)
The skill operates on sensitive assets and identity data but declares no required environment variables or primary credential. The instructions nevertheless require API keys, tokens, and human PINs/secrets (some returned by calls). Requiring system-wide unique secrets and human PINs without clearly specified secure storage or declared credential inputs is disproportionate and a red flag.
Persistence & Privilege
The skill is not marked always:true and is user-invocable, which is appropriate. However, the runtime returns and presumably stores api_key and session_token values and can initiate fund transfers. Because model invocation is enabled by default, an agent could act on financial operations autonomously unless the platform or skill enforces explicit user confirmation; verify that an explicit human confirmation is required before any movement of funds or KYC submission.
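The coherence checks the scan describes (secrets referenced by the instructions but no declared credential, fund movements with no written confirmation step, KYC handling with no stated storage policy, instruction-only packaging, always-on flag) can be reproduced as a local pre-install lint on the SKILL.md before the agent ever sees it. The following is an added example written for this page, not the ClawHub or OpenClaw scanner's code: the frontmatter field names (required_env, primary_credential, install, always), the keyword lists and both sample SKILL.md documents are constructed assumptions, not the real manifest schema.

```python
import re

# Vocabulary the lint looks for in the instruction body. Constructed word lists
# for this example, not the ClawHub/OpenClaw scanner's real heuristics.
SECRET_RE = re.compile(r"\b(api[_ -]?keys?|session[_ -]?tokens?|secrets?|pins?|private[_ -]?keys?)\b", re.I)
MONEY_RE = re.compile(r"\b(transfers?|withdraw(al)?s?|send|off-?ramps?|on-?ramps?|purchases?)\b", re.I)
PII_RE = re.compile(r"\b(kyc|selfies?|id scans?|passports?)\b", re.I)
CONFIRM_RE = re.compile(r"\b(confirm(ation|ed)?|approv(e|al|ed))\b", re.I)
STORAGE_RE = re.compile(r"\b(encrypt(ed|ion)?|retention|never stored|secrets? store)\b", re.I)

# Frontmatter values that count as "nothing declared".
EMPTY = {"", "[]", "none", "null", "false", "~"}


def parse_skill_md(text):
    """Split a SKILL.md string into (flat frontmatter dict, instruction body).
    Only top-level 'key: value' lines are read; the field names used below
    (required_env, primary_credential, install, always) are an assumed schema."""
    if not text.startswith("---\n"):
        return {}, text
    end = text.find("\n---\n", 4)
    if end == -1:
        return {}, text
    meta = {}
    for line in text[4:end].splitlines():
        key, sep, value = line.partition(":")
        if sep and not line.startswith((" ", "\t")):
            meta[key.strip()] = value.strip()
    return meta, text[end + 5:]


def declared(meta, key):
    """True when the manifest gives a non-empty value for key."""
    return meta.get(key, "").strip().strip("\"'").lower() not in EMPTY


def check_skill(text):
    """Return sorted finding codes mirroring the scan categories on this page."""
    meta, body = parse_skill_md(text)
    findings = set()
    # Credentials: instructions talk about secrets, manifest declares none.
    if SECRET_RE.search(body) and not (declared(meta, "required_env") or declared(meta, "primary_credential")):
        findings.add("UNDECLARED_CREDENTIALS")
    # Persistence & Privilege: funds can move with no confirmation step written down.
    if MONEY_RE.search(body) and not CONFIRM_RE.search(body):
        findings.add("FUNDS_MOVEMENT_WITHOUT_CONFIRMATION")
    # Instruction Scope: KYC/PII handled with no stated storage or encryption policy.
    if PII_RE.search(body) and not STORAGE_RE.search(body):
        findings.add("PII_WITHOUT_STORAGE_POLICY")
    # Install Mechanism: nothing executes locally, so all behaviour lives in the runtime.
    if not declared(meta, "install"):
        findings.add("INSTRUCTION_ONLY")
    if meta.get("always", "").strip().lower() == "true":
        findings.add("ALWAYS_ON")
    return sorted(findings)


# Constructed sample shaped like the findings above: secrets and PINs used, none declared.
SUSPICIOUS_SKILL = """---
name: example-payments
version: 0.0.1
required_env: []
primary_credential: ""
install: none
always: false
---
# Payments skill
1. Call /onboard; store the returned api_key and session_token for later calls.
2. Ask the human for their PIN before each transfer.
3. For KYC, upload an ID scan and a selfie.
4. To move funds, call /transfer with amount, asset and destination.
"""

# Constructed hardened variant: credential declared, confirmation and storage policy stated.
HARDENED_SKILL = """---
name: example-payments
version: 0.0.2
required_env: [PAYMENTS_API_KEY]
primary_credential: PAYMENTS_API_KEY
install: none
always: false
---
# Payments skill
1. Read the api_key from the PAYMENTS_API_KEY environment variable; never echo it into chat.
2. Before any transfer, show the amount, asset and destination and wait for explicit human confirmation.
3. KYC documents are uploaded directly to the provider and are never stored by the agent.
"""

if __name__ == "__main__":
    print("suspicious:", check_skill(SUSPICIOUS_KILL if False else SUSPICIOUS_SKILL))
    print("hardened:  ", check_skill(HARDENED_SKILL))
```

The lint is deliberately conservative: it only reports the mismatch between what the instructions ask for and what the manifest admits to, which is the same argument the scan makes above, and it says nothing about whether the provider's API itself is safe.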
What to consider before installing
Do not install or run this skill without additional verification. Key actions to take before use:
- Verify provenance: confirm the skill's publisher and repository (the manifest points to netfluid.io/GitHub, but package metadata and source are 'unknown'); confirm the official domain and repository match and that the package is signed or comes from a vetted publisher.
- Demand explicit credential handling: ask the provider to declare exactly which API keys/tokens are required, how they should be provided (platform secrets store vs. chat), and where returned api_key/session_token values will be stored and for how long.
- Protect PII and PINs: because the skill handles KYC uploads and human PINs/secrets, ensure the platform has clear storage/encryption policies and that the skill will not exfiltrate data to unexpected endpoints.
- Require human approval for money movements: ensure the platform or skill forces a manual approval step before any on-chain transfer, fiat off-ramp, or withdrawal.
- Test in a sandbox: use testnet/sandbox credentials and minimal funds first to validate behavior and to observe what network endpoints the agent calls.
- Request code or network details: since this is instruction-only, ask for the actual implementation or an authoritative integration guide showing API endpoints, TLS usage, and expected request/response formats.
- If you proceed, limit scope: provide only least-privilege credentials, avoid supplying platform-wide or long-lived secrets, and monitor all transactions.
If the publisher cannot answer these questions or produce verifiable code/repository provenance, treat the skill as unsafe to give financial or identity data to.
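The approval, endpoint and scope items in this checklist do not have to be requested from the publisher; they can be enforced by the runtime in front of every tool call the agent makes. The gate below is an added example, not code from OpenClaw, ClawHub or Netfluid: it binds a one-time human approval to the exact parameters of a fund-moving or KYC action (so a changed amount or destination invalidates it), refuses any request to a host outside an allowlist, caps the total amount a session may move, and redacts secret-looking fields from its own log. The host name, action names, parameter names and cap value are hypothetical, and the outbound call is recorded rather than sent so the example runs offline.

```python
import json
import secrets
from urllib.parse import urlparse

# Hypothetical official API host; replace with the provider's verified host.
ALLOWED_HOSTS = {"api.provider.example"}
# Actions that must never run without a fresh human approval (assumed action names).
GATED_ACTIONS = {"transfer", "withdraw", "offramp", "submit_kyc"}
# Parameter names that are redacted from the gate's own log.
SECRET_KEYS = {"api_key", "session_token", "pin"}


class PolicyViolation(Exception):
    """Raised when a tool call is refused by policy."""


def canonical(action, params):
    """Stable string the approval is bound to: any later change to action or params breaks it."""
    return action + "\n" + json.dumps(params, sort_keys=True, separators=(",", ":"))


class ToolGate:
    def __init__(self, session_cap):
        self._cap = float(session_cap)  # maximum total amount this session may move
        self._spent = 0.0
        self._pending = {}              # approval token -> canonical request it approves
        self.sent = []                  # outbound calls, recorded instead of sent (offline stand-in)

    def request_approval(self, action, params):
        """Issue a one-time token for exactly this request. The agent shows the human the
        action and parameters; the token is handed back only after the human confirms."""
        token = secrets.token_urlsafe(16)
        self._pending[token] = canonical(action, params)
        return token

    def _approved(self, token, action, params):
        if token is None or self._pending.get(token) != canonical(action, params):
            return False
        del self._pending[token]        # single use: a replay needs a new approval
        return True

    def call(self, action, url, params, approval=None):
        host = urlparse(url).hostname or ""
        if host not in ALLOWED_HOSTS:
            raise PolicyViolation(f"refusing to contact unlisted host {host!r}")
        if action in GATED_ACTIONS and not self._approved(approval, action, params):
            raise PolicyViolation(f"{action!r} needs explicit human approval for these exact parameters")
        amount = float(params.get("amount", 0))
        if self._spent + amount > self._cap:
            raise PolicyViolation("session spend cap exceeded")
        self._spent += amount
        self.sent.append((action, url, {k: "<redacted>" if k in SECRET_KEYS else v for k, v in params.items()}))
        return {"status": "sent", "action": action}


def demo():
    """Exercise the gate against the failure modes the checklist warns about (constructed inputs)."""
    url = "https://api.provider.example/v1/transfer"
    params = {"amount": "25", "asset": "USDC", "to": "DEST_ADDRESS", "session_token": "s3cr3t"}
    outcome = {}

    def attempt(label, gate, *args, **kwargs):
        try:
            outcome[label] = gate.call(*args, **kwargs)
        except PolicyViolation as exc:
            outcome[label] = f"refused: {exc}"

    gate = ToolGate(session_cap=50)
    attempt("unapproved", gate, "transfer", url, params)                      # no approval at all
    token = gate.request_approval("transfer", params)                         # human confirmed these params
    attempt("tampered", gate, "transfer", url, dict(params, amount="2500"), approval=token)
    attempt("approved", gate, "transfer", url, params, approval=token)        # exact approved request
    attempt("replayed", gate, "transfer", url, params, approval=token)        # same token again
    attempt("exfil", gate, "balance", "https://collector.example/x", params)  # off-allowlist host
    capped = ToolGate(session_cap=10)
    attempt("over_cap", capped, "transfer", url, params, approval=capped.request_approval("transfer", params))
    outcome["sent"] = gate.sent
    return outcome


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:>10}: {result}")
```

Binding the approval to the canonical request rather than to the action name is the part that matters: an agent that has been talked into changing the destination after the human said yes gets refused, and a single approval cannot be replayed into a second transfer.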

Like a lobster shell, security has layers — review code before you run it.

Tags: ach, agent-income, agent-payroll, ai-agent, avalanche, bank-account, banking, crypto, ethereum, fiat, finance, global-payments, kyc, latest, multi-currency, offramp, onramp, payments, sepa, solana, south-africa, usdc, wallet, wire, withdraw, zar
