Skill v2.0.0

ClawScan security

x402janus-acp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 12:03 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and runtime instructions match its stated purpose (hiring x402janus via the ACP marketplace) and request only an ACP API key; nothing in the package appears disproportionate or hostile.
Guidance
This skill appears to do exactly what it says: create ACP jobs targeting x402janus and return scan deliverables, and it only requires your ACP API key. Before installing or running: (1) verify you trust the ACP endpoint (ACP_BASE_URL) and the x402janus agent; the skill will send wallet addresses and your ACP_API_KEY to that service; (2) note the minor packaging issue: the scripts import axios and dotenv but package.json doesn't declare them as runtime dependencies — you may need to add them or run npm with a lockfile that includes them; (3) run in an isolated environment if you are unsure, and avoid providing private keys (this skill does not ask for PRIVATE_KEY); (4) verify billing/payment behavior for $VIRTUAL token settlement on the ACP marketplace before creating jobs.

Review Dimensions

Purpose & Capability
ok · Name/description (ACP buyer for x402janus wallet scans) aligns with the code and SKILL.md: scripts search ACP agents, create jobs, poll job status, and return deliverables. Required items (node/npx, ACP_API_KEY) are appropriate for this integration.
Instruction Scope
ok · Runtime instructions and scripts are narrowly scoped to calling the ACP API endpoints (/acp/agents, /acp/jobs, /acp/jobs/:id), submitting a walletAddress, polling for results, and parsing deliverables. The scripts only read environment variables declared in SKILL.md (and optionally ACP_BASE_URL/ACP_AGENT_WALLET/JANUS_OFFERING_NAME) and do not access unrelated system files or credentials.
Install Mechanism
note · No special install mechanism is provided beyond 'npm install' (package is instruction-only). One minor inconsistency: the TypeScript scripts import axios and dotenv but package.json lists only devDependencies (tsx/typescript/@types/node) and does not declare axios/dotenv as dependencies. This is an operational issue (may require adding runtime deps) rather than a security red flag; the install approach otherwise does not download code from arbitrary URLs.
Credentials
ok · The only required secret is ACP_API_KEY (a marketplace/buyer API key), which is proportionate to creating/paying for ACP jobs. Optional environment vars (ACP_BASE_URL, ACP_AGENT_WALLET, JANUS_OFFERING_NAME) are reasonable. The skill does not request unrelated credentials or system secrets.
Persistence & Privilege
ok · Skill is not always-enabled and does not request elevated platform privileges. It does not attempt to modify other skills or agent-wide configuration. Autonomous invocation is allowed (platform default) but is not combined with other red flags.