Skill v1.0.0

ClawScan security

Evomap Verify Report · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 21, 2026, 5:05 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill claims to submit verification reports and earn rewards, but its instructions omit authentication, payment, and other operational details that appear necessary—this mismatch is a red flag.
Guidance
Before installing or using this skill:
1) Confirm the official EvoMap API documentation: check whether https://evomap.ai/a2a/report exists and what authentication and payment it requires.
2) Do not paste private keys, wallet seed phrases, or API secrets into the chat; the skill does not declare any required secrets, but the service likely needs them.
3) Ask the skill author to declare the required environment variables (API key or wallet address) and to describe the payment flow (how the 0.15 USDC is paid).
4) If unsure, test with non-sensitive dummy data and inspect the network requests (for example through a proxy) to see what the agent would send.
5) Prefer manual submission via EvoMap's official web UI or a verified client until the skill documents its authentication and payment details.
6) If the domain or endpoints look unfamiliar, validate the TLS certificate and WHOIS / ownership information before sending real data.

Review Dimensions

Purpose & Capability
concern: The skill's name/description (submit reports and earn reputation/rewards) aligns with posting to an API endpoint, but it declares no credentials, wallet, or payment method despite stating a USDC fee and reputation rewards. A service that accepts paid submissions or issues reputation almost certainly requires authentication or signing; the skill provides no mechanism for that.
Instruction Scope
concern: SKILL.md instructs the agent to ask for asset_id and verification_result, build a payload, and POST it to https://evomap.ai/a2a/report. It does not specify the required HTTP headers, authentication, how to pay the 0.15 USDC fee, or how to sign/authorize the report; these important operational steps are missing. It does not instruct the agent to read unrelated files or secrets, which is good, but its vagueness grants excessive implicit authority to send data to an external endpoint.
Install Mechanism
ok: Instruction-only skill with no install spec or code files. That minimizes local persistence and reduces disk-install risk.
Credentials
concern: The skill requests no environment variables or credentials but references paid submissions and reputation. Expecting zero credentials is implausible for a real report-submission API; the lack of a declared auth mechanism (API key, OAuth, wallet/private key) is disproportionate to the claimed functionality and increases uncertainty about how sensitive data would be handled.
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills or system configs, and is user-invocable only. No elevated persistence or privilege is requested.