ClawHub

Text to markdown

WarnAudited by ClawScan on May 16, 2026.

Overview

The converter code is simple, but the package ships a hardcoded private key and adds wallet-based Orbit billing for a basic text-to-Markdown tool.

Review carefully before installing. The text conversion logic appears straightforward, but the bundled private key and wallet-based billing are high-impact issues; do not supply a valuable wallet private key, and wait for a clean republish with clear billing and credential disclosures.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

High
#ASI03: Identity and Privilege Abuse
What this means

Providing a wallet private key could give the plugin or its billing SDK transaction authority and expose the user to charges or wallet compromise.

Why it was flagged

The plugin declares per-use billing and a wallet private-key configuration; this is high-impact authority and is not necessary for the conversion function itself.

Skill content
"pricePerUsageWei": "100000000000000" ... "privateKey": { "description": "Wallet private key for Orbit billing (0x + 64 hex chars)" }
Recommendation

Do not provide a main wallet private key. Require clear billing disclosure, scoped or throwaway credentials, and explicit approval for charges before installing.

High
#ASI04: Agentic Supply Chain Vulnerabilities
What this means

This indicates poor secret hygiene and uncertain package provenance; if any tooling loads the bundled .env, the plugin could operate with exposed signing or billing credentials.

Why it was flagged

A real-looking private key and plugin key are included in the distributed artifact, even though .gitignore says .env should be excluded.

Skill content
PRIVATE_KEY=0x05f9...b0fd; PLUGIN_KEY=0x8902...8758; ORBIT_PLUGIN_ID=0x8902...8758
Recommendation

Avoid installing until the publisher removes the .env file, rotates any exposed keys, republishes a clean artifact, and documents the credential and billing model.

Info
#ASI10: Rogue Agents
What this means

The plugin may become active whenever OpenClaw starts, so billing hooks may be registered before the user explicitly runs the conversion tool.

Why it was flagged

The skill is configured to load at startup. The provided source shows registration of the converter tool and billing hook, not an autonomous background worker.

Skill content
"activation": { "onStartup": true }
Recommendation

Confirm startup activation and billing behavior are acceptable before enabling the plugin.