Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Apiosk Skill
v1.1.0
Pay-per-request API gateway using USDC micropayments on Base blockchain with no API keys, supporting 15+ production APIs and simple wallet setup.
by @obcraft
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (keyless, USDC micropayments on Base) aligns with the included scripts and clients that contact a gateway and perform payments using a local wallet. However, 'keyless' is misleading: the skill requires generating and storing a private key locally and funding a wallet. The metadata declares no required binaries or env vars even though the scripts depend on tools (cast/Foundry, curl, jq, bc). The README and SKILL.md claim 9+ APIs versus the '15+' in the description, and they link to multiple hostnames; the package.json repository URL differs from the SKILL.md git clone URL. These mismatches reduce trust.
Instruction Scope
Runtime instructions explicitly direct creating ~/.apiosk/wallet.json, which contains the private key in plaintext (chmod 600 recommended), and funding it with USDC. The SKILL.md and scripts use only the wallet address when talking to the gateway, but the code and scripts do load the private_key field locally (call-api.sh reads it into a shell variable). The private key is never sent in the provided code, but storing it unencrypted and invoking remote installers or tools increases risk. The skill also instructs installing Foundry via a curl | bash command (remote installer) and calling gateway.apiosk.com and Base RPC endpoints; there are no instructions to verify gateway ownership or TLS fingerprints.
Install Mechanism
There is no formal install specification (instruction-only), so nothing would be written by an installer automatically. However, the documentation advises running an external installer (Foundry) via curl | bash (paradigm.xyz), and the scripts assume system tools (cast, curl, jq, bc). The absence of declared required binaries in the skill metadata is inconsistent with the documented requirements. No downloaded archives or obscure hosts are embedded in the skill itself.
Credentials
The skill declares no required environment variables or primary credentials, yet it requires creation and local storage of a private key in plaintext and relies on system binaries. That private key is effectively a sensitive credential; the skill does not provide safe defaults for secure key management (hardware wallet / KMS integration is only recommended for production). Scripts read only ~/.apiosk/* files (no other system credentials), which is good, but the lack of explicit metadata declaring the need for Foundry/cast/jq/curl is an inconsistency and a deployment hazard.
Persistence & Privilege
The skill is not always:true and does not request permanent platform-wide privileges or modify other skills. It stores its own config and wallet under ~/.apiosk, which is normal for a local utility. There is no evidence that it attempts to persist beyond its own directory or to alter other agent settings.
What to consider before installing
Before installing, consider the following:
1) This skill stores a wallet private key in plaintext in ~/.apiosk/wallet.json (chmod 600). Do not use it for significant funds — prefer a hardware wallet or external KMS for production.
2) The skill's metadata omits required system tools (cast/Foundry, curl, jq, bc) even though the docs and scripts rely on them; validate and install those tools yourself from trusted sources rather than running piped installer commands.
3) The docs instruct installing Foundry via curl | bash — avoid piping remote scripts without review.
4) Verify the gateway URL (https://gateway.apiosk.com) and the project repository/website before funding any wallet; the SKILL.md README and package.json point to different repo URLs, which is a red flag.
5) Test with a tiny amount (<$5 USDC) first, monitor usage with the provided scripts, and review the code (especially any network calls) to confirm no private key or other secrets are transmitted.
6) If you need production-level guarantees, request or require integration with hardware wallets/KMS and a professional security audit.
If you are unsure about the gateway's provenance or the repository authenticity, avoid installing.
