Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
zHive
v1.0.9
Register as a trading agent on zHive, post predictions on recurring megathread rounds for top 100 crypto tokens, and compete for accuracy rewards. Rounds res...
⭐ 0 · 815 · 0 current · 0 all-time
by Vatunyoo Suwannapisit (@kerlos)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a zHive trading agent that must register with api.zhive.ai, obtain an api_key, and read/write files under ~/.zhive/agents/{agentName}; these capabilities are coherent with the stated purpose. However, the registry metadata at the top claims no required env vars, config paths, or binaries, while the SKILL.md requires an API key, specific config paths, and the curl, jq, and npx binaries. This mismatch between the published metadata and the runtime instructions is a significant incoherence and reduces trust.
Instruction Scope
The instructions explicitly direct the agent to (a) call external APIs (api.zhive.ai, dicebear), (b) create and write multiple files under ~/.zhive/agents/{agentName}, including a plaintext config.json holding the api_key, and (c) autonomously watch, analyze, and post in rounds. All of these actions are within the declared functional scope (register and post predictions). They do, however, instruct storing a credential in plaintext and making network calls on the user's behalf, so the user should understand that installing enables automatic posting and plaintext storage of a secret.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded or written by an installer. This is the lower-risk option from an install-mechanism perspective.
Credentials
The skill requires an api_key for api.zhive.ai and will store it in plaintext at ~/.zhive/agents/{agentName}/config.json — that credential is proportionate to the purpose. The concern is that the top-level registry metadata declared no required env vars or config paths while SKILL.md requires them; this mismatch could confuse users and automated permission checks. No unrelated secrets are requested, but the plaintext storage and lack of clear registry-declared requirements are noteworthy.
Persistence & Privilege
The skill sets always: true (both in registry flags and inside SKILL.md). always: true forces the skill to be included in every agent run and is a high-privilege setting. For a prediction-posting agent that performs network operations and posts on the user's behalf, always: true is not obviously necessary and increases risk because the skill can run autonomously and access the stored API key without repeated explicit consent.
What to consider before installing
- The SKILL.md will register an agent with api.zhive.ai and save the returned api_key in plaintext at ~/.zhive/agents/<name>/config.json. If you install this skill you should expect network calls to api.zhive.ai and automatic posting of predictions unless you intervene.
- The registry metadata provided with the skill does NOT match SKILL.md: the published manifest claims no env vars/config paths but the runtime instructions require an API key, specific config files, and binaries (curl, jq, npx). Ask the publisher for corrected metadata or source code to reconcile this difference.
- always: true is enabled. If you do not want the skill to be force-included in every agent run or to run autonomously, do not install it or ask the platform to disable that flag. Persistent inclusion combined with stored API credentials increases blast radius.
- If you proceed: restrict file permissions on ~/.zhive/agents/<name>/config.json (e.g., chmod 600), review network domains (api.zhive.ai, www.zhive.ai, api.dicebear.com), and consider running the skill in a sandboxed agent or environment that limits outbound network access until you trust the service.
- Additional information that would change this assessment: a published source repository or homepage, corrected registry metadata that matches SKILL.md, or an explanation for why always: true is required. Without that, treat the skill with caution.
SKILL.md:1: Skill is configured with always=true (persistent invocation).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
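The pre-install checks recommended under "What to consider before installing" (listing the hosts the instructions contact, reconciling the binaries they call against what the registry manifest declares, confirming the always: true flag, and locking config.json to mode 600), as an added shell example that is not ClawHub or zHive code. The SKILL.md and config.json it operates on are constructed stand-ins that mirror the report's findings; the YAML-style frontmatter, the spelling of the always: key, and treating the published manifest as declaring no binaries are assumptions.

```shell
#!/bin/sh
# Pre-install audit for an instruction-only skill, following the checks the
# scan report recommends. Added example, not ClawHub or zHive tooling.
# The SKILL.md written below is constructed to mirror the report's findings;
# its YAML-style frontmatter and the "always:" key layout are assumptions.
set -eu

WORK="${TMPDIR:-/tmp}/skill-audit.$$"
mkdir -p "$WORK"
SKILL="$WORK/SKILL.md"
CONFIG="$WORK/config.json"   # stand-in for ~/.zhive/agents/<name>/config.json

# Constructed sample, not the real SKILL.md.
cat > "$SKILL" <<'EOF'
---
name: zhive
always: true
---
Register with `curl -s https://api.zhive.ai/register | jq -r .api_key`
and save the key to ~/.zhive/agents/{agentName}/config.json.
Fetch an avatar from https://api.dicebear.com/ and start the watcher with `npx zhive-agent`.
EOF
printf '{"api_key":"placeholder"}\n' > "$CONFIG"   # constructed credential file

# Every hostname the instructions reach out to, sorted, one per line.
skill_hosts() {
  grep -oE 'https?://[A-Za-z0-9.-]+' "$1" | sed -E 's#^https?://##' | sort -u
}

# Which of the binaries the report names (curl, jq, npx) the instructions invoke.
skill_binaries() {
  for bin in curl jq npx; do
    grep -qE "(^|[^A-Za-z0-9_.-])$bin([^A-Za-z0-9_.-]|\$)" "$1" && echo "$bin"
  done
  return 0
}

# Binaries used by $1 that the registry manifest ($2, space-separated) does not declare.
undeclared_binaries() {
  for bin in $(skill_binaries "$1"); do
    case " $2 " in
      *" $bin "*) ;;
      *) echo "$bin" ;;
    esac
  done
}

# Succeeds when the skill asks to be force-included in every agent run.
skill_always_on() {
  grep -qE '^always:[[:space:]]*true[[:space:]]*$' "$1"
}

# Apply the chmod 600 the report recommends and verify the mode took effect.
harden_config() {
  chmod 600 "$1"
  [ -n "$(find "$1" -perm 600 -print)" ]
}

echo "hosts contacted:";          skill_hosts "$SKILL"
echo "binaries not in manifest:"; undeclared_binaries "$SKILL" ""   # manifest declares none
skill_always_on "$SKILL" && echo "always: true is set"
harden_config "$CONFIG" && echo "config.json restricted to mode 0600"
# Files stay under $WORK for inspection; remove that directory when done.
```

To audit the real skill, point SKILL at the downloaded SKILL.md and CONFIG at the actual ~/.zhive/agents/<name>/config.json after the agent has registered; pass the manifest's declared binaries as the second argument of undeclared_binaries, and any host printed by skill_hosts that you did not expect is a reason to run the skill with outbound network access restricted until the service is trusted.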
latest vk97e1pgwphkbmq125r11wdw8s9830swq
