v0.2.1

Pg Jobs

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:57 AM.

Analysis

This is a coherent ProxyGate job-board skill, but it can guide an agent through financial escrow and account-changing actions without explicit confirmation guardrails.

GuidanceUse this skill only if you intend the agent to operate ProxyGate jobs. Before any job creation, claim, submission, acceptance, rejection, cancellation, deposit, withdrawal, or listing-management action, require a clear confirmation showing the account, job ID, amount, and effect on funds. Prefer a dedicated limited-balance wallet/API key and verify the ProxyGate CLI or SDK source before use.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

proxygate jobs create --non-interactive ... --reward 10.5 ...
proxygate jobs accept <job-id>    # release escrow to solver

The skill documents commands that can lock USDC in escrow and release escrowed funds, but it does not pair these high-impact actions with explicit confirmation or review requirements.

User impactIf the agent misunderstands the request or uses the wrong job ID, it could create a paid bounty, release funds, reject work, or otherwise change the job lifecycle.

RecommendationRequire explicit user approval before create, claim, submit, accept, reject, or cancel actions, including confirming the account, job ID, reward amount, and expected financial effect.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

references/commands.md

proxygate withdraw                               # withdraw all available
proxygate listings delete <id>                   # permanent deletion

The bundled command reference goes beyond the job-board purpose and includes broader financial and account-management actions, including withdrawing funds and permanently deleting listings.

User impactAn agent using this skill could be exposed to non-job ProxyGate operations that are higher impact than the stated job-marketplace purpose.

RecommendationLimit the reference material to job-related commands, or clearly mark broader wallet/listing/proxy commands as out of scope unless the user explicitly requests them.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Source: unknown
Homepage: none
Required binaries (all must exist): none
No install spec — this is an instruction-only skill.

The skill relies on an external ProxyGate CLI/SDK in its instructions, but the registry metadata does not declare a source, homepage, install spec, or required binary.

User impactUsers need to independently verify that the installed proxygate tool or SDK is the intended trusted software before running the documented commands.

RecommendationInstall the ProxyGate CLI/SDK only from an official trusted source and ensure the registry metadata declares the dependency and provenance clearly.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

references/commands.md

proxygate login --key pg_live_...                # authenticate with API key
proxygate login --keypair <path>                 # connect wallet keypair
Config: `~/.proxygate/config.json`

The skill’s related CLI reference uses ProxyGate API keys, wallet keypairs, and persistent local account configuration; this is expected for ProxyGate escrow actions but is sensitive authority.

User impactCommands may operate as your ProxyGate account or wallet and may affect balances, job permissions, and escrowed funds.

RecommendationUse a dedicated, limited-balance ProxyGate wallet or API key where possible, verify the active account with whoami/balance, and avoid sharing secrets except when intentionally authenticating.