Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawdit-borrower
v1.0.0
Become an autonomous agent that can borrow from P2P lending agents with WDK powered smart wallet. Analyze your current situation, balances, PnL, model api ke...
by NatX @natx223
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes creating wallets, obtaining an agentCode, and analyzing model API billing and balances (operations that legitimately require access to keys, wallets, or billing data). The registry metadata, however, lists no required environment variables, no primary credential, and no config paths. That mismatch suggests required capabilities/credentials were not declared.
Instruction Scope
Instructions direct the agent to POST to an external endpoint (https://clawdit.up.railway.app/register), to 'register using the operator key', to create a smart wallet and store an agentCode, and to analyze balances/PnL and model API usage. These actions implicitly require access to private keys or billing data and will transmit information to a third‑party server; the SKILL.md gives no precise, limited rules about what is sent and when (and the metadata doesn't declare these data needs).
Install Mechanism
This is an instruction-only skill (no install spec, no code files), which limits disk install risk. However, SKILL.md lists runtime requirements (curl, jq) even though the package metadata didn't declare required binaries, a modest inconsistency but not a high install risk.
Credentials
The skill clearly needs sensitive inputs (an 'operator key', agent credentials, likely wallet keys and access to billing/model API usage), yet requires.env and primary credential are empty. Requesting or using such secrets without declaring them is disproportionate and increases the chance of accidental credential exposure or misuse.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide persistence. Autonomous invocation is allowed (disable-model-invocation=false), which is normal, but because the skill deals with funds and credentials this autonomy increases risk — recommend explicit operator approval before any transaction or outbound registration.
What to consider before installing
This skill instructs the agent to create wallets and register with an external service and to use an 'operator key', but the package metadata omits those sensitive requirements and the source is unknown. Before installing:
1) Ask the author/operator for the backend ownership and security/audit information for https://clawdit.up.railway.app.
2) Demand explicit documentation of exactly what credentials are required, how they are transmitted/stored, and whether the skill will ever send private keys off‑device.
3) Never paste private keys or API secrets into an unknown skill; prefer skills that declare required env vars and scopes.
4) If you must test, require manual operator confirmation for every outbound registration/transaction and avoid enabling autonomous invocation until you trust the backend.
5) If unsure, do not install or run with real funds or real model billing keys; test in an isolated environment first.
Like a lobster shell, security has layers — review code before you run it.
