Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawhub skill: Bandwidth Income

v1.0.0

Set up and monitor bandwidth-sharing nodes on Grass.io, Mysterium, Storj, and Honeygain to earn passive crypto income with automated alerts and ROI tracking.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description match the instructions: SKILL.md explains how to deploy and monitor Grass.io, Mysterium, Storj, and Honeygain nodes via Docker and how to track earnings. The listed commands and the docker-compose file match the stated purpose.
Instruction Scope (flagged)
The runtime instructions have the agent or user run Docker containers, bind-mount host paths (e.g. ~/.mysterium), pass wallet and auth tokens as environment variables, publish network ports, and grant the NET_ADMIN capability. That is well beyond passive monitoring: it changes host networking, runs containers with elevated privileges, and puts secrets and host resources in the path of whatever those containers do.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled binaries. The skill package itself fetches no archives or third-party installers, which limits the supply-chain risk of the package; the instructions, however, tell the user to pull third-party Docker images at runtime (see the risks below).
Credentials (flagged)
The registry metadata declares no required environment variables, yet SKILL.md references several sensitive values (GRASS_USER/GRASS_PASS, HONEYGAIN_EMAIL/HONEYGAIN_PASS, a Storj auth token, an ETH wallet address, staking tokens). That inconsistency hides the fact that following the instructions means handing over secrets.
Persistence & Privilege
The skill does not request always:true. It does recommend --restart unless-stopped (persistence) and relies on NET_ADMIN and host port mappings, both of which raise privilege and attack surface. Autonomous agent invocation is allowed by default; combined with the exec and web_fetch tools declared in skill.json, the agent could run these privileged commands if it is given permission.
What to consider before installing
This skill appears to do what it says (deploy and monitor bandwidth-sharing nodes), but there are important risks and omissions to weigh before installing:

1) SKILL.md expects you to supply many credentials (email/password pairs, auth tokens, Ethereum wallet details) that the skill metadata does not declare; treat every value you enter as sensitive.
2) The instructions pull and run third-party Docker images (mrcolorrain/grass, mysteriumnetwork/myst, storjlabs/storagenode, honeygain/honeygain); confirm each image's official source and tag, and pin it by digest rather than by tag, before running it.
3) Containers run with published ports, bind-mounted host paths, and the NET_ADMIN capability, all of which widen the blast radius on the host; run them in an isolated VM or on a dedicated machine, never on a production host.
4) For wallets and staking keys, use dedicated wallets holding minimal funds, and prefer a hardware wallet or a separate signing workflow where possible.
5) Ask the publisher for the upstream repository or homepage and for image provenance; if none is available, treat the skill as higher risk.

If you decide to proceed, run everything in a sandboxed environment, audit the Docker images, and supply secrets from a secrets manager (or the shell environment) instead of embedding them in compose files.
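As an added example (not part of this ClawHub page and not code from the skill), the checker below runs over a compose service map in the shape the report describes and flags the markers listed above: images pulled by tag rather than digest, NET_ADMIN and similar capabilities, privileged mode, host networking, bind mounts of host paths, ports published on every interface, literal secrets in `environment`, and restart policies that keep a node alive across reboots. It then rewrites a service so that secret values come from compose `${VAR}` interpolation (the shell environment or a secrets manager) instead of living in the file. The sample compose content is constructed to mirror the report; its port number, container path and credential values are placeholders, and the secret-key pattern and capability list are heuristics of this example. Pass it the dict that `yaml.safe_load()` returns for a real docker-compose.yml.

```python
import re
from copy import deepcopy

# Constructed sample mirroring the scan report (image names, NET_ADMIN,
# ~/.mysterium mount, GRASS_USER/GRASS_PASS). The port, container path and
# credential values are placeholders, not taken from the skill's compose file.
SAMPLE_COMPOSE = {
    "services": {
        "grass": {
            "image": "mrcolorrain/grass",
            "restart": "unless-stopped",
            "environment": ["GRASS_USER=alice@example.com", "GRASS_PASS=hunter2"],
        },
        "myst": {
            "image": "mysteriumnetwork/myst",
            "restart": "unless-stopped",
            "cap_add": ["NET_ADMIN"],
            "ports": ["12345:12345"],
            "volumes": ["~/.mysterium:/data"],
        },
    }
}

# Heuristics (assumptions of this example): env keys that usually carry secrets,
# capabilities that amount to host control, and a digest-pinned image reference.
SECRET_KEY_RE = re.compile(r"PASS|TOKEN|SECRET|PRIVATE|KEY", re.I)
DANGEROUS_CAPS = {"NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "ALL"}
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def _env_pairs(env):
    """Normalise compose 'environment' (mapping or list of KEY=VALUE) to (key, value)."""
    if isinstance(env, dict):
        return [(k, "" if v is None else str(v)) for k, v in env.items()]
    return [tuple(str(e).partition("=")[::2]) for e in env or []]


def lint_service(name, svc):
    """Return (severity, message) findings for one compose service (short syntax)."""
    f = []
    image = str(svc.get("image", ""))
    if not DIGEST_RE.search(image):
        f.append(("medium", f"{name}: image '{image}' is pulled by tag, not pinned by digest"))
    if svc.get("privileged"):
        f.append(("high", f"{name}: privileged: true disables container isolation"))
    for cap in svc.get("cap_add", []):
        if str(cap).upper() in DANGEROUS_CAPS:
            f.append(("high", f"{name}: adds capability {cap}"))
    if svc.get("network_mode") == "host":
        f.append(("high", f"{name}: shares the host network namespace"))
    for vol in svc.get("volumes", []):
        src = str(vol).split(":")[0]
        if src.startswith(("~", "/")):
            f.append(("medium", f"{name}: bind-mounts host path {src}"))
    for p in svc.get("ports", []):
        if str(p).count(":") < 2:  # no host IP given, so Docker binds 0.0.0.0
            f.append(("medium", f"{name}: publishes port {p} on all interfaces"))
    for key, value in _env_pairs(svc.get("environment")):
        if SECRET_KEY_RE.search(key) and value and not value.startswith("${"):
            f.append(("high", f"{name}: literal secret in environment variable {key}"))
    if svc.get("restart") in ("always", "unless-stopped"):
        f.append(("low", f"{name}: restart={svc['restart']} keeps the node alive across reboots"))
    return f


def lint_compose(compose):
    """Lint every service in a parsed compose file."""
    findings = []
    for name, svc in compose.get("services", {}).items():
        findings.extend(lint_service(name, svc))
    return findings


def harden_service(svc):
    """Copy of a service with privileged removed, every capability dropped except the
    ones explicitly added, no-new-privileges set, and literal secrets replaced by
    ${VAR} interpolation so the value is supplied at `docker compose up` time."""
    h = deepcopy(svc)
    h.pop("privileged", None)
    h.setdefault("cap_drop", ["ALL"])
    h.setdefault("security_opt", ["no-new-privileges:true"])
    env = h.get("environment")
    if isinstance(env, dict):
        h["environment"] = {
            k: (f"${{{k}}}" if SECRET_KEY_RE.search(k) and v and not str(v).startswith("${") else v)
            for k, v in env.items()
        }
    elif env:
        rewritten = []
        for entry in env:
            key, sep, value = str(entry).partition("=")
            if sep and value and SECRET_KEY_RE.search(key) and not value.startswith("${"):
                entry = f"{key}=${{{key}}}"  # e.g. GRASS_PASS=${GRASS_PASS}
            rewritten.append(entry)
        h["environment"] = rewritten
    return h


if __name__ == "__main__":
    for sev, msg in lint_compose(SAMPLE_COMPOSE):
        print(f"[{sev}] {msg}")
    print(harden_service(SAMPLE_COMPOSE["services"]["grass"])["environment"])
```

The hardening step deliberately leaves `cap_add` and the port mappings alone: a bandwidth-sharing node genuinely needs inbound connections and, in Mysterium's case, NET_ADMIN, so those findings are for you to confirm, not for a script to silence. It also cannot pin the image digest offline; once you have verified an image, read its digest with `docker image inspect --format '{{index .RepoDigests 0}}' <image>` and put that `name@sha256:...` reference in the compose file.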

Like a lobster shell, security has layers — review code before you run it.


