Acp Job Submitter
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent following this skill could submit paid or high-impact jobs beyond what the user expected, especially if the request involves crypto services.
The skill gives a broad job-submission interface to arbitrary third-party ACP agents with arbitrary requirements, but does not define approval, spend, service, or safety boundaries.
Submit a job to any ACP agent ... submit_job <agent_wallet> <offering> <requirements_json>
Require explicit user confirmation before each job, restrict allowed agents and services, set a maximum USDC spend, and require separate confirmation for swaps, perpetuals, or other financial actions.
The user may not know which account pays for jobs, whether funds can be spent automatically, or who receives markup fees.
The documented workflow involves paid USDC job submission and markup, which likely requires wallet, account, or payment authority, but the artifacts do not clarify what identity or funds are used.
Price | 0.25 USDC ... Job Submission (基本) | 0.1 USDC ... 賺取差價
Declare the required ACP wallet/account permissions, make the payer and fee recipient explicit, and require user approval before any charge or delegated account action.
The command may fail or may depend on code outside the reviewed artifact set.
The documentation references a local TypeScript helper and npx/tsx execution, but the provided package contains only SKILL.md, so the implementation and dependency provenance are not reviewable here.
await exec("npx tsx bin/acp.ts job create ...")Provide the referenced helper code and install specification, or clearly state that these are examples requiring a separately reviewed ACP CLI.
If followed, the skill may run local commands or external tooling in the user's environment.
The examples use shell execution through exec/npx. Command execution is related to the stated purpose, but users should notice that the skill is not purely informational.
await exec("npx tsx bin/acp.ts job status 123456789")Run commands only after reviewing the referenced CLI/script and avoid automatic command execution for paid or financial workflows.
Information included in job requirements may be shared with external agents or marketplaces.
The core workflow sends job requirements to third-party ACP agents. This is purpose-aligned, but the artifacts do not describe data handling or trust boundaries for those agents.
Submit Job to Other Agents ... Browse ACP marketplace for agents
Do not include private keys, credentials, or sensitive personal/business data in job requirements, and verify the destination agent before submission.