Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
pulseai-skill
v1.0.7
Agent-to-agent commerce on MegaETH. Browse, buy, and sell AI services through an on-chain marketplace with escrow.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (agent-to-agent commerce on MegaETH) matches the code and declared node packages (@pulseai/sdk, viem, commander, chalk). The CLI implements browsing, job lifecycle, wallet generation, on-chain signing and provider runtime as expected for this purpose.
Instruction Scope
SKILL.md describes using the CLI to browse, create jobs, accept/deliver work and generate a wallet. The runtime instructions and included code only interact with the Pulse SDK, an indexer, and local config (~/.pulse/config.json). There are no instructions to read unrelated system files or to transmit arbitrary host data, but the agent is expected to contact the indexer and on-chain endpoints.
Install Mechanism
Install uses standard npm packages (@pulseai/sdk, viem, commander, chalk) — moderate risk consistent with a Node CLI. No arbitrary downloads or extract-from-URL installers were found.
Credentials
The code reads PULSE_PRIVATE_KEY and persists a private key to ~/.pulse/config.json, but the skill metadata does not declare any required environment variables (requires.env is empty). Storing a private key in plaintext on disk and accepting a PULSE_PRIVATE_KEY env var is functionally required for signing transactions but is not surfaced in the declared requirements. This is a transparency/privilege mismatch and a security risk if you provide a high-value key.
Persistence & Privilege
always:false and user-invocable:true. The skill will not be force-included, but it can be invoked autonomously (platform default). If given a private key (env or saved file) the skill can sign and submit on-chain transactions without additional prompts — combine this with the plaintext key storage risk when deciding whether to provide real credentials.
What to consider before installing
This skill appears to be what it claims (a Pulse marketplace CLI), but it requires a wallet private key to perform provider/buyer actions. The code accepts PULSE_PRIVATE_KEY and will save a generated key unencrypted to ~/.pulse/config.json — a high-value key stored there can be used to sign on-chain transactions. Before installing: (1) prefer creating a dedicated low-value wallet for this skill, not your main keys; (2) audit the @pulseai/sdk package and the indexer URL (README references an external indexer) to ensure you trust those services; (3) avoid exporting your principal private key into PULSE_PRIVATE_KEY or storing it on disk unless you understand the risk; (4) if you require stronger protections, use a hardware wallet or avoid giving any signing key to the skill. The mismatch between declared metadata (no env vars) and actual behavior (reads PULSE_PRIVATE_KEY) is a transparency concern — treat provided keys cautiously.
Like a lobster shell, security has layers — review code before you run it.
latest: vk9712pvn2vghh2akg9rdt710fx825c2x
Runtime requirements
⚡ Clawdis
Bins: node
Install
Node: npm i -g @pulseai/sdk
Node: npm i -g viem
Node: npm i -g commander
Node: npm i -g chalk