Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bridge

v2.0.0

Agent-to-Human (A2H) verification and escrow platform. Request physical-world tasks, define verification criteria (GPS, photos, timestamps, signatures, multi...

License: MIT-0. Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill is described as an A2H verification/escrow platform, and the API endpoints, verification engine, and in-memory task/worker state are present, so that part is coherent. However, the package does not integrate with any payment system or external escrow provider: 'escrow' is only an in-memory task field (locked/released/frozen) with no wallet, payment API, or credential requirements. A user expecting escrow that actually holds money, or any blockchain/fiat integration, would be misled.
Instruction Scope
SKILL.md instructs running a local uvicorn server and gives curl examples for the API; this matches the included FastAPI implementation. The runtime instructions do not ask for unrelated files or credentials. Note that running the server exposes an HTTP API on the host: the doc shows --port 8015 but does not say which interface to bind (uvicorn listens on 127.0.0.1 unless --host is passed), does not warn about network exposure, and does not require authentication.
Install Mechanism
The SKILL.md metadata requests installing Python packages (fastapi, uvicorn, pydantic), which is appropriate for the code. The registry install entry shows a single install spec 'uv' (and the metadata contains an object with id:'pip' and kind:'uv'). uv is a well-known Python package installer, so kind:'uv' most likely means the platform installs the pip packages with uv rather than with pip itself, but the id/kind mismatch is ambiguous and may be a packaging artifact. Installing these packages from PyPI is expected; confirm the exact install command the platform will run before allowing automated installs.
Credentials
Registry metadata declares no required env vars, but bridge/state.py reads BRIDGE_FEE_RATE, BRIDGE_SURGE_URGENT, and BRIDGE_SURGE_CRITICAL from the environment for fee/surge configuration. Those are reasonable optional configuration values, but they are not documented as configurable env vars in the SKILL.md metadata. More importantly: no credentials are requested even though the description implies escrow/payment — if you plan to connect real payments you will need to modify the code and supply payment credentials (which are not currently requested).
Persistence & Privilege
The skill does not request persistent system privileges, does not set always:true, and does not modify other skill/system configs. State is entirely in-memory; there is no file I/O persistence or background service registration beyond running the local server.
What to consider before installing
This package implements a local FastAPI server that simulates an escrow/verification platform: it verifies proofs (GPS, photo-hash counts, timestamps, signatures, multi-witness attestations; the signature check only tests for a non-empty value) and keeps tasks and worker reputations in memory. Before installing or running:

1) Understand that this is a prototype: 'escrow' is only an in-memory state flag; there is no real payment or wallet integration. Do not rely on it to hold or release real funds.
2) The install metadata lists pip packages (fastapi, uvicorn, pydantic), which is expected, but the registry's install kind 'uv' is ambiguous; confirm the install command the platform will perform.
3) The code reads the optional env vars BRIDGE_FEE_RATE, BRIDGE_SURGE_URGENT, and BRIDGE_SURGE_CRITICAL, but they are not documented; set them only if you want to override the defaults.
4) Running the server starts an HTTP API. Keep it bound to localhost, and do not expose the port to the public internet without adding authentication and TLS.
5) If you intend to use this for real payments or production escrow, it will require additional work: persistent storage, authenticated endpoints, audit logging, and integration with a payment/escrow provider. Also review and strengthen the verification mechanisms: the photo check compares only hashes supplied by the client, the signature check only tests for non-empty, and GPS coordinates and timestamps are client-submitted and can be spoofed.

If anything here is unclear, ask the author for: (a) exact install instructions, (b) how real escrow/payment is intended to be connected and what credentials are required, and (c) whether the server is expected to be bound only to localhost and how authentication should be configured.
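The verification weaknesses listed above (a signature check that only tests for a non-empty string, photo hashes trusted as the client supplied them, unbounded client timestamps) are easiest to see side by side. The following is an added example written for this page, not code from the Bridge skill: weak_verify mirrors the pattern the scan describes, and strong_verify shows one way to harden it. It assumes a per-worker HMAC key provisioned out of band (SHARED_KEY), SHA-256 photo digests, and a 10-minute freshness window; the proof fields, task id and photo bytes are constructed for the example. GPS stays a client claim even in the hardened version: a signature proves who submitted the coordinates, not that they are true.

```python
import hashlib
import hmac
import json

# Constructed sample inputs (not from the skill): the photo a worker uploads and a
# per-worker secret the platform would provision out of band (assumption).
PHOTO_BYTES = b"\x89PNG\r\n\x1a\n constructed sample photo bytes"
SHARED_KEY = b"constructed-per-worker-secret-key"
MAX_AGE_SECONDS = 600     # assumed freshness window for a proof
CLOCK_SKEW_SECONDS = 60   # assumed tolerance for a client clock running ahead


def weak_verify(proof: dict) -> bool:
    """Mirrors the pattern the scan describes: any non-empty 'signature' passes,
    and the photo hashes are whatever the client claims to have taken."""
    return bool(proof.get("signature")) and len(proof.get("photo_hashes", [])) >= 1


def canonical(body: dict) -> bytes:
    """Deterministic encoding so signer and verifier MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(body: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical proof body (hypothetical scheme)."""
    return hmac.new(key, canonical(body), hashlib.sha256).hexdigest()


def strong_verify(proof: dict, photos: list, key: bytes, now: float) -> bool:
    """Server-side checks: MAC over every field, photo digests recomputed from
    the uploaded bytes, timestamp bounded against the server's own clock."""
    body = {k: v for k, v in proof.items() if k != "signature"}
    expected = sign(body, key).encode()
    given = str(proof.get("signature", "")).encode()
    if not hmac.compare_digest(expected, given):
        return False  # missing, forged, or a field altered after signing
    claimed = body.get("photo_hashes")
    if not isinstance(claimed, list) or not claimed:
        return False
    actual = sorted(hashlib.sha256(p).hexdigest() for p in photos)
    if actual != sorted(claimed):
        return False  # claimed hashes do not match what was actually uploaded
    ts = body.get("timestamp")
    if isinstance(ts, bool) or not isinstance(ts, (int, float)):
        return False
    if not (now - MAX_AGE_SECONDS <= ts <= now + CLOCK_SKEW_SECONDS):
        return False  # stale replay or future-dated proof
    return True


def genuine_proof(now: float) -> dict:
    """A proof a real worker would submit: signed, with the true photo digest."""
    body = {"task_id": "task-001", "gps": [37.7749, -122.4194], "timestamp": now - 30,
            "photo_hashes": [hashlib.sha256(PHOTO_BYTES).hexdigest()]}
    return {**body, "signature": sign(body, SHARED_KEY)}


def forged_proof(now: float) -> dict:
    """A proof from a worker who never took the photo: made-up hash, junk signature."""
    return {"task_id": "task-001", "gps": [37.7749, -122.4194], "timestamp": now - 30,
            "photo_hashes": ["0" * 64], "signature": "signed"}


if __name__ == "__main__":
    import time
    now = time.time()
    for name, proof in (("genuine", genuine_proof(now)), ("forged", forged_proof(now))):
        print(name, "weak:", weak_verify(proof),
              "strong:", strong_verify(proof, [PHOTO_BYTES], SHARED_KEY, now))
```

Both proofs pass weak_verify; only the genuine one passes strong_verify, and the same genuine proof is rejected once it is replayed an hour later or any signed field (for instance the GPS coordinates) is edited after signing. In a real deployment the per-worker key would be an asymmetric signing key held on the worker's device rather than a shared secret, but the shape of the check is the same.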

Like a lobster shell, security has layers — review code before you run it.

latestvk9745z296v3q8hbqywvpjf872x84tar1


Runtime requirements

🌉 Clawdis
Bins: python

Install

uv
