ClawHub

Agieth

v1.0.11

Purchase domains, manage DNS and Cloudflare settings via agieth.ai Agent Bridge

0· 106·0 current·0 all-time
byMichael Larkins@larkins
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (purchase domains, manage DNS/Cloudflare) aligns with requested env vars (AGIETH_API_KEY, AGIETH_EMAIL) and the API base (api.agieth.ai). Optional ETH private key for automated ETH payments and optional RPC endpoints are appropriate for an Ethereum-based payment flow. Minor mismatches: skill.py SKILL_VERSION (1.0.8) differs from registry version (1.0.11) and some default registrar names vary between docs/code.
Instruction Scope
SKILL.md instructs only to provide the API key/email (and optionally an ETH private key for send_payment). It documents network endpoints and warns to verify payment_address before sending ETH. The docs explicitly state the Cloudflare tunnel uses agieth.ai's Cloudflare account — a privacy/traffic-routing detail users should note. The included code has minor implementation bugs (for example, add_dns_record builds params but calls _post without passing them), but there are no instructions to read arbitrary local files or unrelated environment variables.
Install Mechanism
No install spec (instruction-only) — lowest install risk. A Python client file (skill.py) is bundled; nothing downloads external code at install time. No URLs or extract/install steps are used by the skill itself.
Credentials
Requires AGIETH_API_KEY and AGIETH_EMAIL which are proportional to domain/DNS management. ETH_WALLET_PRIVATE_KEY is optional and explicitly documented as only needed for automated send_payment; users are advised they can instead use an external wallet. No unrelated secrets or multiple unrelated credentials are requested.
Persistence & Privilege
always is false (no forced inclusion). The skill does not request system config paths or cross-skill credentials. It will be able to run autonomously (disable-model-invocation is false) which is platform-default; combine this with credential access only if you plan to allow the agent autonomous domain/DNS operations.
Assessment
This skill appears to do what it says: manage domains and DNS through agieth.ai and optionally automate ETH payments. Before installing: - Only provide AGIETH_API_KEY/AGIETH_EMAIL if you trust agieth.ai to manage your domains and DNS. - Prefer manual ETH payments using the payment_address from the quote; only set ETH_WALLET_PRIVATE_KEY if you understand the risks of storing a private key in the environment and accept automatic on-chain sends. - Note Cloudflare tunnel traffic is routed through agieth.ai's Cloudflare account — that affects privacy and trust. - Review the bundled skill.py if you can: there are small implementation bugs (e.g., add_dns_record does not pass constructed params to the POST) and a version string mismatch; these look like implementation sloppiness rather than malicious behavior. - If you plan to let the agent act autonomously, restrict the API key permissions to minimum required scope and monitor actions (domain registrations, DNS changes, payments).

Like a lobster shell, security has layers — review code before you run it.

latestvk97ccakv5dwpvjz6vjqqt5d09d83saax

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis
EnvAGIETH_API_KEY, AGIETH_EMAIL
Primary envAGIETH_API_KEY

Comments