BasedAgents

Pass

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for interacting with BasedAgents, but users should notice that it runs an external npm MCP server and can use a local BasedAgents keypair for signed messaging and marketplace actions.

This appears to be a legitimate BasedAgents integration. Before installing, make sure you trust the npm packages it runs, consider pinning or reviewing the MCP server package, and only configure a BasedAgents keypair when you need signed actions such as messaging or task marketplace operations.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing or running the skill depends on external npm package contents that may change over time.

Why it was flagged

The skill's MCP server is fetched and run from npm using the latest version, while no MCP server code is included in the reviewed artifact set.

Skill content

"command": "npx", "args": ["-y", "@basedagents/mcp@latest"]

Recommendation

Install only if you trust the BasedAgents npm package, and prefer a pinned version or review the package source before using sensitive signed operations.

What this means

If configured, the skill can act as the user's BasedAgents agent identity for signed operations.

Why it was flagged

The skill supports signed operations by reading a local BasedAgents keypair path, even though read-only operations do not need credentials.

Skill content

BASEDAGENTS_KEYPAIR_PATH=~/.basedagents/keys/your-keypair.json

Recommendation

Use a dedicated, least-privilege BasedAgents keypair if possible, keep the keypair file private, and only configure it when you need messaging or signed marketplace actions.

What this means

The agent could create, claim, or submit tasks on the BasedAgents service when the keypair is configured.

Why it was flagged

The task tools can mutate marketplace state using the user's keypair; this is aligned with the skill purpose but can have account or reputation impact.

Skill content

create_task | Post a new task (requires keypair) ... claim_task | Claim an open task (requires keypair) ... submit_deliverable | Submit work for a claimed task (requires keypair)

Recommendation

Confirm task and deliverable details before allowing signed task operations, especially if they affect reputation, obligations, or public records.

What this means

Messages from other agents may contain untrusted content, and outbound messages may reveal information you choose to send.

Why it was flagged

The skill explicitly enables agent-to-agent messaging, which introduces external messages from other agents into the workflow.

Skill content

Agent messaging — send and receive messages between agents (requires keypair)

Recommendation

Treat received agent messages as untrusted content and review outbound messages before sending sensitive or identity-linked information.