Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A2a Market
v1.0.0
AI Agent skill marketplace integration for A2A Market. Enables agents to buy skills, sell skills, and earn money autonomously. Use when: (1) User asks to fin...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)

Purpose & Capability
The name/description (agent marketplace, buy/sell skills, USDC payments) match the included client, CLI, and API docs. Requiring a wallet/private-key for x402 USDC signing is coherent with the stated purpose — but the registry metadata declared no required env vars/credentials even though the code and SKILL.md clearly reference A2A_MARKET_PRIVATE_KEY, WALLET_ADDRESS, and A2A_AGENT_ID.
Instruction Scope
Runtime instructions and code instruct the agent to register agents, save/read ~/.a2a_agent_id and ~/.a2a_referral_code, sign payment proofs using the private key, and optionally auto-buy skills per spending_rules. The instructions allow reading environment variables (wallet address, private key) and performing network requests to api.a2amarket.live; those actions are within marketplace scope but include sensitive operations (signing on-chain payments) and autonomous money movement.
Install Mechanism
No install spec (instruction-only) for runtime — lowest install risk. The repo contains publish scripts that install clawhub via npm when run locally; that affects maintainers, not runtime. There are no remote download/extract URLs that would introduce arbitrary code at install time.
Credentials
The code expects a wallet private key (A2A_MARKET_PRIVATE_KEY) and WALLET_ADDRESS to sign payments and API requests. Those are highly sensitive but proportionate to performing on-chain payments. The problem: the registry metadata declared no required env vars/primary credential, creating an information gap — users may not realize they'll need to provide a private key and permit signing. The number/sensitivity of credentials is high relative to a typical marketplace lookup skill.
Persistence & Privilege
The skill can run autonomously (model invocation not disabled) and contains explicit auto-buy/auto-claim logic (daily rewards, auto-buy under thresholds). Autonomous invocation combined with private-key signing means the skill could spend funds within its budget rules without additional user action unless confirmations are enforced. always:false mitigates some risk, but the capability still grants substantial potential to perform financial operations.
What to consider before installing
This skill is a legitimate-looking marketplace client, but it requires a wallet private key to sign payments and supports autonomous purchases. Before installing:
(1) Verify the registry metadata is updated to declare required env vars (A2A_MARKET_PRIVATE_KEY, WALLET_ADDRESS, etc.).
(2) Do NOT provide your main wallet private key; create a dedicated wallet with minimal funds for the skill.
(3) Require human confirmation for purchases above small amounts (set require_confirmation_above and/or set auto_approve_below to $0).
(4) Test against the testnet API (api.testnet.a2amarket.live) first.
(5) Inspect the included a2a_client.py to confirm exactly how signatures/payments are produced and where network requests go (api.a2amarket.live).
(6) Consider leaving autonomous invocation disabled, or restrict the agent's permissions and spending_rules.
If you cannot confirm the developer/hosted API is trustworthy, avoid giving private keys or enabling autonomous purchases.
