ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Company Due Diligence Intelligence

v1.0.0

Complete company due diligence API from 5 federal sources: OSHA violations, EPA compliance, SEC filings, OFAC sanctions, USASpending contracts. No subscripti...

0· 9·0 current·0 all-time
by@ntriq-gh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description (federally sourced due diligence) matches the included code which calls SEC, OSHA, EPA, SAM.gov, etc. However the registry/manifest claims 'No install spec — instruction-only', while the package contains full Node.js source (package.json, package-lock.json, scripts) and many dependencies. That mismatch is meaningful: someone expecting a simple curl-to-service skill would not expect full executable code and third-party packages to be present. Also the homepage/service endpoint is a non-US domain (https://x402.ntriq.co.kr) and the README references a micropayments endpoint on that domain — this external endpoint is not explained in the registry metadata.
Instruction Scope
SKILL.md primarily documents using an external service (curl to x402.ntriq.co.kr/services) and public federal APIs. The included code actually implements fetching/scraping from many data sources and an optional samApiKey input. SKILL.md claims 'No API keys required' while code uses an input.samApiKey (defaults to 'DEMO_KEY') and logs guidance to provide a samApiKey for full access. The instructions do not ask the agent to read other local files or env vars, but the presence of executable code means the runtime behavior depends on that code (review utils.js for any unexpected file/ENV access).
!
Install Mechanism
Registry states no install spec, but the repo includes package.json and package-lock.json and requires Node >=18 and several npm packages (apify, cheerio, crawlee-related deps). That implies installation and disk writes would be required to execute. The package-lock shows many dependency trees; while most are legitimate for web scraping, the lockfile includes event-stream@3.3.4 (pulled in via @apify/ps-tree -> event-stream). Event-stream 3.3.4 has a known historical supply-chain compromise. Even if transitively included by benign packages today, this raises a non-trivial supply-chain risk and justifies manual dependency review before installing or running.
Credentials
The registry declares no required environment variables or credentials, which seems reasonable for reading public government APIs. However the code accepts input.samApiKey (and logs usage), and package dependencies include @apify/input_secrets — suggesting the code may optionally access secrets or platform credentials. The skill does not declare any primaryEnv or required secrets, so this is an unexplained gap: confirm whether the code will request or read any secrets at runtime (process.env or Apify input secrets) before trusting it.
Persistence & Privilege
Flags show always:false and normal autonomous invocation allowed (disable-model-invocation:false). The skill does not request persistent system-wide privileges or config path access in the registry metadata. That said, because it contains executable Node code and dependencies, installing/running it will create disk artifacts (node_modules) and could persist data locally depending on execution environment; this is expected behavior but should be done in a controlled/sandboxed environment.
What to consider before installing
This skill appears to implement the advertised due-diligence functionality, but there are important inconsistencies you should confirm before installing or running it: - Clarify the packaging model: the registry says 'instruction-only' but the bundle contains executable Node.js source, package.json and package-lock.json. If the platform will execute that code, expect npm installs and disk writes; insist on running it in a sandbox. - Verify the external endpoints and billing: SKILL.md and README reference https://x402.ntriq.co.kr and a micropayments flow. Ask the author what data (if any) is posted to that domain and whether results are proxied through it. Do not send sensitive company data to that domain until you confirm its operator and privacy policy. - Audit dependencies (package-lock.json): the dependency tree includes many scraping-related packages and transitively references event-stream@3.3.4, a historically compromised package. Require the author to explain/update dependencies or provide a lockfile without known-risk versions; consider running 'npm audit' or performing a hash verification in a trusted environment. - Confirm secret handling: the code references an optional samApiKey input and package @apify/input_secrets appears in the lockfile. Ask whether the skill will ever read process.env or platform-stored secrets and where any provided API keys will be sent or stored. - Review utils.js and any omitted files: because behavior is implemented in code (not merely documented), request a short security review of utils.js for any hardcoded/hidden external endpoints, network calls that post arbitrary data, or filesystem access. Pay attention to any code that posts to the ntriq domain or to unknown endpoints. - Operational precautions: if you proceed to test, run the skill in an isolated environment (no access to internal networks or sensitive credentials), with network egress restricted or monitored. Prefer calling the documented public government APIs yourself (or using a vetted library) rather than executing third-party code you cannot fully vet. If the author can (1) explain why packaging is mismatched, (2) confirm that no secrets are read or exfiltrated, (3) remove or update risky transitive dependencies (or provide a clean lockfile), and (4) confirm the role of the x402.ntriq.co.kr endpoint, the concerns here would be substantially reduced.

Like a lobster shell, security has layers — review code before you run it.

latestvk977drk7a1ws8mw5fpdtnqkecn843r44

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Company Due Diligence Intelligence

Complete company due diligence API from 5 federal sources: OSHA violations, EPA compliance, SEC filings, OFAC sanctions, USASpending contracts. No subscription needed. Integrated risk scoring for M...

Usage

Available on Apify Store and via x402 micropayments.

Service Catalog

curl https://x402.ntriq.co.kr/services

Features

  • AI-powered analysis
  • JSON structured output
  • Pay-per-use pricing

Powered by

Files

11 total
Select a file
Select a file to preview.

Comments

Loading comments…