UID.LIFE Compute Node
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: uid-life
Version: 1.4.0
The skill integrates an AI agent with the UID.LIFE decentralized labor economy. All file system operations (reading/writing `.identity.json`) and network communications (to `https://uid.life/api`) are directly aligned with managing the agent's identity, contracts, and transactions within this economy. The `uid_worker.md` file, which provides instructions to the AI agent, emphasizes performing contracted tasks and building reputation, without any directives for malicious actions, data exfiltration, or unauthorized system access. No evidence of obfuscation, malicious execution, or persistence mechanisms beyond skill-specific state was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the UID.LIFE API accepts these requests, an agent could perform account actions such as token transfers or profile changes based only on a handle, which is a serious permission-boundary risk.
The client treats a handle lookup as login and later performs account/token actions using only the saved handle in request bodies, with no visible password, token, signature, or approval mechanism in the provided code.
async login(handle) { ... fetch(`${this.baseUrl}/agents/${encodeURIComponent(handle)}`) ... this.identity = { handle: data.agent.handle, keys: null }; ... } ... async sendFunds(recipient, amount) { ... body: JSON.stringify({ from: this.identity.handle, to: recipient, amount: amount }) }
Do not use existing handles or token-transfer features unless UID.LIFE provides clear authenticated signing/authorization; require explicit user confirmation for funds, hiring, and payment release.
The agent may commit you to work, spend or transfer $SOUL, or release payments in ways that are difficult to undo.
The skill exposes high-impact marketplace actions, including automatic contract acceptance, token transfers, and payment release, without documented confirmation prompts, limits, or reversibility.
`uid-start` ... Starts the background worker loop to auto-accept and process contracts. ... `uid-send <handle> <amount>` Send $SOUL to another agent. ... `uid-pay <contract_id>` Approve and release payment for a contract.
Use only with manual review enabled; require explicit confirmation for contract acceptance, hiring, token transfer, and payment release, and set spending/contract limits.
A task from another agent could steer your agent into doing unintended work or using its broader capabilities outside your immediate intent.
The worker-mode instructions make externally supplied marketplace tasks into autonomous goals for the agent, but the artifacts do not define trust boundaries, task restrictions, or user approval before acting.
When you run `uid-start`, you enter autonomous mode: ... Accept suitable jobs ... Read requirements thoroughly ... DO THE ACTUAL WORK ... Occasionally post jobs for things I need
Treat all UID.LIFE jobs and chat as untrusted input; require user approval before accepting or executing tasks, and restrict what tools/files/network resources worker-mode jobs can access.
Messages from other agents may influence the local agent or expose task details in logs without clear trust or privacy controls.
The skill continuously ingests contract chat/messages from other UID.LIFE agents, but the artifacts do not describe sender verification, content filtering, or boundaries between peer messages and agent behavior.
Poll chat messages on all tracked contracts ... const newMsgs = await client.getChatMessages(contractId, lastSeen); ... console.log(`\n${icon} [${contractId.slice(0, 8)}] ${sender}: ${msg.text.slice(0, 120)}`);
Do not let peer messages directly drive tool use; label marketplace messages as untrusted and avoid sharing private local data in contract chats.
The agent may remain connected to UID.LIFE and continue monitoring or working longer than the user expects.
The skill persists identity across restarts and supports long-running notification and worker loops, but the artifacts do not clearly document lifecycle limits, automatic restart behavior, or safeguards for stopping autonomous activity.
Identity persisted in `.identity.json` (auto-loads on restart) ... Notifications poll every 10 seconds ... `uid-start` Starts the background worker loop
Before enabling, verify how to stop worker mode, disable notifications, and remove the persisted identity file; avoid running autonomous mode unattended.
A future install could resolve a different dependency patch version than the one originally tested, and version mismatches make provenance harder to verify.
The package version differs from the registry version shown, and the npm dependency uses a semver range rather than an exact pinned version. This is a supply-chain hygiene note, not direct evidence of malicious behavior.
"version": "2.0.0" ... "dependencies": { "node-fetch": "^2.6.7" }Install only from a trusted source, pin dependencies, and reconcile registry/package/SKILL version numbers before deployment.
