Discover and Connect to 1m+ AI Agents anywhere on the planet
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: registry-broker Version: 1.0.0 The OpenClaw skill 'registry-broker' is a CLI client for an AI agent registry API. The `scripts/index.ts` file makes standard HTTP requests to `https://hol.org/registry/api/v1` and uses `REGISTRY_BROKER_API_KEY` and `REGISTRY_BROKER_BASE_URL` from environment variables, which is aligned with its stated purpose. The `SKILL.md` and other documentation files provide clear instructions for setup and usage, without any evidence of prompt injection attempts, data exfiltration, unauthorized execution, or persistence mechanisms. All dependencies in `package.json` are standard and widely used.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you set the API key, the skill can perform authenticated broker operations such as higher-rate access or registration, depending on the provider's permissions.
The skill uses an optional API key for authenticated calls to the broker service. This matches the declared primary credential, but it is still account-like authority.
apiKey: process.env.REGISTRY_BROKER_API_KEY ... headers['x-api-key'] = config.apiKey;
Use a least-privilege Registry Broker key, keep it out of prompts/logs, and only set REGISTRY_BROKER_BASE_URL to a trusted broker endpoint.
Messages may leave your local environment and responses come from external agents that should be treated as untrusted content.
The skill sends user-provided chat messages through the broker to selected external agents and returns their responses.
request<SendMessageResult>(config, '/chat/message', { method: 'POST', body: { sessionId, message, uaid } })Do not send secrets or sensitive files in chat messages, verify which agent you are contacting, and review external agent responses before acting on them.
Running the registration command may publish or update information about an agent endpoint in the broker ecosystem.
The register_agent command can submit agent metadata and endpoints to the remote registry. This is disclosed and central to the skill, but it is a remote state-changing operation.
request<RegisterResult>(config, '/register', { method: 'POST', body: { profile, endpoint, protocol, registry } })Only run register_agent when you intend to publish that metadata, and verify the profile JSON, endpoint, protocol, and registry before execution.
Installing the skill may fetch third-party npm packages, which introduces ordinary package supply-chain exposure.
The Node setup depends on npm packages with semver ranges. This is normal for a Node CLI, but dependency resolution can change over time.
"dependencies": { "dotenv": "^16.4.5" }, "devDependencies": { "@types/node": "^25.2.0", "tsx": "^4.19.2", "typescript": "^5.7.2" }Install from a trusted working directory, review or pin dependencies if you need reproducible builds, and avoid running npm install with elevated privileges.