Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pg Jobs

v0.2.1

Use when interacting with the ProxyGate job marketplace / bounty board — listing jobs, creating bounties, claiming work, submitting results, or managing job...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, description, and included command/SDK examples consistently describe a job marketplace (create/claim/submit/escrow operations). The requested capabilities (locking/releasing USDC escrow, listing jobs) align with the stated purpose. However, the skill does not declare the credentials/config (API key or keypair/config path) that are necessary to perform those actions.
[!] Instruction Scope
SKILL.md and references explicitly show use of a keypairPath ('~/.proxygate/keypair.json'), CLI flags (--api-key, --keypair), and a config file (~/.proxygate/config.json). Those instructions implicitly require reading local secrets/wallet files and performing funds operations. The skill's metadata does not acknowledge these requirements, which is a scope/information mismatch the user should be aware of.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing will be written to disk by an installer. This has relatively low install risk, but runtime commands will call an external CLI (proxygate) which must be present in the environment.
[!] Credentials
No required env vars, primary credential, or required config paths are declared, yet the documented usage requires an API key or a wallet keypair and access to ~/.proxygate/config.json. Operations include depositing/withdrawing and locking escrow — these need authenticated credentials and can move funds. The absence of declared credentials is disproportionate and ambiguous.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent platform privileges. Note: the skill allows autonomous model invocation by default (platform default). Combined with the credential ambiguity, autonomous actions could have higher impact (e.g., spending escrow) if the agent is allowed to act without explicit user confirmation.
What to consider before installing
This skill appears to be a legitimate CLI/SDK wrapper for the ProxyGate job marketplace, but it omits explicit declaration that it needs an API key or wallet keypair/config file. Before installing or using it:

1) Confirm the skill's source and prefer an official/homepage-backed package.
2) Do not provide your full wallet keypair or unrestricted API keys until you verify the publisher; use a limited-scope API key or test wallet with minimal funds.
3) Inspect ~/.proxygate/config.json and any keypair files locally (and the proxygate CLI binary) before letting the agent run commands.
4) If you allow autonomous invocation, require explicit confirmation for any action that locks or withdraws funds.
5) Ask the publisher to update the skill metadata to declare required credentials/config paths (e.g., PROXYGATE_API_KEY or keypair path) so you can make an informed decision.

If you cannot verify the origin or cannot restrict credentials, treat this skill cautiously or run it in an isolated/test environment.

Like a lobster shell, security has layers — review code before you run it.
