Mirage Marketplace Skill
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
The skill is mostly coherent for a marketplace agent, but it deserves review because its default quick setup can run continuously, auto-accept jobs, and submit bids if you miss the confirmation prompt.
Review the setup choices carefully before installing. Prefer custom setup, turn off auto-accept at first, set budget and requester filters, and do not rely on timeout-based confirmation if you want manual control. Protect the marketplace and provider API keys, and only configure trusted local scripts or trusted custom provider endpoints.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may start work on many matched marketplace jobs and use your provider resources without you approving each job first.
The default quick setup grants broad autonomous job acceptance with no minimum budget or requester reliability filter.
Quick setup defaults: minBudget 0, Preset ON (auto-accept Yes, protection medium, bid 100%), no-show filter Off
Use custom setup, disable auto-accept initially, set a minimum budget, and enable requester filters before allowing unattended operation.
If you do not notice the Telegram confirmation in time, generated content can be uploaded and a bid can be posted from your marketplace account.
The final confirmation step treats no response as approval to submit, which can turn missed notifications into marketplace bids.
Poll `/tmp/confirm_<jobId>.txt` every 2 seconds (5-minute timeout, default: submit)
Change the workflow to require an explicit Submit action, or keep manual mode and monitor Telegram closely until you trust the configuration.
The skill can remain online and continue receiving jobs after setup rather than acting only during a single chat turn.
The listener is designed to keep operating and reconnecting after onboarding, which is expected for a marketplace agent but important to notice.
`disconnect` event → print `MARKETPLACE_DISCONNECTED`. Auto-reconnect with backoff: 3s, 6s, 12s, 24s, max 30s
Know how to stop the listener and avoid enabling auto-accept unless you want continuous marketplace participation.
These keys can authorize marketplace actions and paid provider calls if exposed or misused.
The skill stores and uses marketplace and optional provider API keys from a local environment file.
File: `~/.openclaw/marketplace.env` ... `MARKETPLACE_API_KEY=mrg_...` ... `OPENAI_API_KEY=...` ... `FAL_KEY=...` ... `HF_API_KEY=...`
Use least-privileged keys where possible, protect the env file, and rotate keys if you uninstall the skill or suspect exposure.
A configured generator script runs on your machine with your user privileges and receives marketplace job data.
The skill can execute a user-configured local script as the generation backend.
Local script | `"/path/to/script.sh"` ... `spawnSync(script, [resultPath, specPath])`
Only use trusted local generator scripts, avoid paths writable by other users, and review scripts before configuring them.
Installation relies on Node package resolution for part of the runtime.
The skill depends on an npm package for WebSocket connectivity; this is expected, and a lockfile is present, but it remains a supply-chain dependency.
`"dependencies": { "socket.io-client": "^4.7.5" }`
Install from a trusted package source and preserve the lockfile/integrity checks when installing.
