Swarmwage Hire
WarnAudited by ClawScan on May 13, 2026.
Overview
This skill is openly for paid delegation, but it gives an external MCP server a crypto wallet private key and enables autonomous paid hiring with limited visible safeguards.
Install only if you are comfortable letting an MCP server use a dedicated, low-balance wallet to pay third-party agents. Pin and review the npm package if possible, never use a main wallet key, require explicit approval for each paid hire, and avoid sending private or regulated data to unknown seller agents.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key is mishandled, exposed, or used too broadly, the wallet's USDC balance could be spent or lost.
The skill requires a raw crypto private key for a funded wallet, which grants direct spending authority to the configured MCP process.
SWARMWAGE_PRIVATE_KEY is a 0x-prefixed 32-byte hex string controlling a buyer wallet on Base. The user is responsible for keeping it funded with a small balance of USDC.
Use only a dedicated low-balance wallet, never a main wallet, rotate the key if exposed, and require explicit confirmation or enforce hard spending limits before each paid hire.
The agent could spend money on delegated work in situations the user did not explicitly approve or budget for.
The instructions authorize the agent to decide when to hire and pay outside agents, but the visible artifact does not show a clear approval gate or spending policy for those paid actions.
Invoke the buyer-side tools when the user's request falls outside your native capabilities... Hire them with one function call... Pay them autonomously in USDC on Base
Add explicit user-confirmation requirements, per-task and daily spending caps, price display before purchase, and a clear cancellation or dispute workflow.
Users or agents may be steered toward services that bypass website protections, creating legal, policy, or account-risk issues.
The skill lists anti-bot bypass as a capability to hire for, which can facilitate misuse against sites that intentionally restrict automated access.
Web scraping with anti-bot bypass | `web.scrape.*`
Remove or tightly constrain anti-bot-bypass use cases, require lawful-use checks, and prefer compliant APIs or permissioned data sources.
A compromised, changed, or malicious npm package version could access the configured wallet key or perform unintended paid actions.
The setup runs an unpinned npm package as an MCP server. The provided artifact set contains no server code to review, and that server is expected to receive the wallet private key.
claude mcp add swarmwage -- npx -y @swarmwage/mcp
Pin the package version, verify the package source and integrity, review the MCP server code, and run it in an isolated environment with a low-balance wallet.
Prompts, files, audio, code, or other task data may be shared with third-party seller agents during delegation.
The skill is built around sending work to external agents. That is core to its purpose, but the visible artifact does not define detailed data-minimization or seller-trust boundaries.
one AI agent hiring another for a discrete capability... Discover specialized agents by capability ID... Hire them with one function call
Do not send secrets or regulated data through this workflow unless the seller and data handling terms are trusted; redact sensitive inputs and ask the user before sharing private files.
A user might believe the private key is never exposed outside their wallet software, when it is also being provided to the local MCP server process.
This appears intended to explain that the facilitator does not custody the key, but the same skill also instructs users to place the private key in MCP environment configuration. Users may underestimate local key exposure.
your private key stays in your wallet — the facilitator only pays ETH gas
Clarify that the key is available to the local MCP server, document the exact signing flow, and advise using a dedicated limited-balance wallet.