ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bittensor Chutes x402

v1.0.0

Build a pay-per-inference proxy for Bittensor Chutes AI. Accept USDC payments for decentralized AI inference using x402.

0· 72·0 current·0 all-time
by@primer-dev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (pay-per-inference proxy for Chutes/x402) aligns with the SKILL.md: it scaffolds a proxy, explains pricing, and shows deployment options. Requiring either Node or Python tooling is reasonable because the README provides both TypeScript and Python flows.
!
Instruction Scope
Runtime instructions tell the agent to scaffold code via npx/pip, copy/edit a .env, deploy with wrangler/docker/fly/etc., and to verify payments via a 'Primer Facilitator'. The SKILL.md implies your proxy will send payment verification and inference requests to external services (Primer facilitator, Chutes API). That means user requests and payment metadata will transit to third parties by default; the instructions do not detail what is sent or how to protect sensitive data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes on-disk risk from the skill itself, but the scaffold step directs running npx/pip to fetch external packages (primer/x402). The skill does not itself download arbitrary archives.
!
Credentials
The SKILL.md requires CHUTES_API_KEY and WALLET_ADDRESS (marked as required) and mentions FACILITATOR_URL, but the registry metadata did not declare any required environment variables. The skill therefore fails to declare the secrets it needs. Also, defaulting FACILITATOR_URL to Primer's facilitator means payment verification data may flow to a third party unless the user overrides it.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable only. It does not request persistent platform privileges.
What to consider before installing
Key things to consider before installing: 1) The SKILL.md requires CHUTES_API_KEY and WALLET_ADDRESS (and optionally FACILITATOR_URL) but the skill metadata did not declare required env vars — expect to provide secrets when you scaffold. 2) By default the template uses Primer's facilitator for payment verification — that means request and payment metadata may be sent to a third party; review Primer's privacy/security practices or set FACILITATOR_URL to a service you control. 3) The scaffold uses npx/pip to fetch packages (primer/x402); inspect the generated repository and the packages' GitHub/npm/pypi sources before running or deploying any code. 4) Do not place private wallet keys or other private keys in public or unsecured .env files; understand how payments are signed/verified and whether you need private keys. 5) Because this is instruction-only (no code to scan), a static scanner found nothing — but that also means there was nothing to audit; inspect generated code and network calls before production use. If you need higher assurance, request the upstream repository URL or the exact package manifests to review before running the scaffold commands.

Like a lobster shell, security has layers — review code before you run it.

latestvk973tcrw36h142v4chzfnjg4f183gpmw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Any binnode, npx, python3, pip

Comments