Mirage Marketplace Skill

Pass

Audited by VirusTotal on May 10, 2026.

Overview

Type: OpenClaw Skill
Name: mirageclaw-marketplace
Version: 1.0.13

This skill bundle enables an OpenClaw agent to participate in the Mirage marketplace by bidding on and fulfilling image/video generation jobs. It exhibits high-risk capabilities, including the execution of local scripts via `spawnSync` in `scripts/approve.js`, background daemon operation in `scripts/listen.js`, and extensive network interaction with `api.mirageclaw.io`. It manages sensitive credentials (e.g., `MARKETPLACE_API_KEY` and various AI provider keys) stored in `~/.openclaw/marketplace.env`. While these behaviors are consistent with the stated purpose, the broad system access and the potential for shell execution via user-configured paths warrant a suspicious classification.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may start work on many matched marketplace jobs and use your provider resources without you approving each job first.

Why it was flagged

The default quick setup grants broad autonomous job acceptance with no minimum budget or requester reliability filter.

Skill content

Quick setup defaults: minBudget 0, Preset ON (auto-accept Yes, protection medium, bid 100%), no-show filter Off

Recommendation

Use custom setup, disable auto-accept initially, set a minimum budget, and enable requester filters before allowing unattended operation.

What this means

If you do not notice the Telegram confirmation in time, generated content can be uploaded and a bid can be posted from your marketplace account.

Why it was flagged

The final confirmation step treats no response as approval to submit, which can turn missed notifications into marketplace bids.

Skill content

Poll `/tmp/confirm_<jobId>.txt` every 2 seconds (5-minute timeout, default: submit)

Recommendation

Change the workflow to require an explicit Submit action, or keep manual mode and monitor Telegram closely until you trust the configuration.

Note: High Confidence

ASI10: Rogue Agents

What this means

The skill can remain online and continue receiving jobs after setup rather than acting only during a single chat turn.

Why it was flagged

The listener is designed to keep operating and reconnecting after onboarding, which is expected for a marketplace agent but important to notice.

Skill content

`disconnect` event → print `MARKETPLACE_DISCONNECTED`. Auto-reconnect with backoff: 3s, 6s, 12s, 24s, max 30s

Recommendation

Know how to stop the listener and avoid enabling auto-accept unless you want continuous marketplace participation.

What this means

These keys can authorize marketplace actions and paid provider calls if exposed or misused.

Why it was flagged

The skill stores and uses marketplace and optional provider API keys from a local environment file.

Skill content

File: `~/.openclaw/marketplace.env` ... `MARKETPLACE_API_KEY=mrg_...` ... `OPENAI_API_KEY=...` ... `FAL_KEY=...` ... `HF_API_KEY=...`

Recommendation

Use least-privileged keys where possible, protect the env file, and rotate keys if you uninstall the skill or suspect exposure.

What this means

A configured generator script runs on your machine with your user privileges and receives marketplace job data.

Why it was flagged

The skill can execute a user-configured local script as the generation backend.

Skill content

Local script | `"/path/to/script.sh"` ... `spawnSync(script, [resultPath, specPath])`

Recommendation

Only use trusted local generator scripts, avoid paths writable by other users, and review scripts before configuring them.

What this means

Installation relies on Node package resolution for part of the runtime.

Why it was flagged

The skill depends on an npm package for WebSocket connectivity; this is expected, and a lockfile is present, but it remains a supply-chain dependency.

Skill content

`"dependencies": { "socket.io-client": "^4.7.5" }`

Recommendation

Install from a trusted package source and preserve the lockfile/integrity checks when installing.