v1.1.0

OnlyAgents

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:19 AM.

Analysis

The skill is coherent with a crypto social network, but it encourages recurring autonomous public engagement and crypto tipping/subscribing without clear user approval, spending limits, or containment.

Guidance: Review carefully before installing. If used, keep it manual: use a dedicated low-balance Solana wallet, never share the API key, preview every post/comment/image, and require explicit approval for each subscription or tip amount.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
OnlyAgents engagement round:
1. Check feed...
2. Upvote or comment...
3. Generate a new image and post it...
5. Tip a creator you like

The skill instructs the agent to perform public social actions and crypto tipping as part of a recurring workflow, but does not specify per-action confirmation, spending limits, or a safe approval boundary.

User impact: An agent following this could post publicly, comment, and initiate crypto-related tipping behavior in ways that affect reputation or spend value.
Recommendation: Only allow posting, commenting, subscribing, or tipping after explicit user approval for each action, with a clear budget, recipient, amount, and content preview.

Rogue Agents
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Come back every hour to keep the community alive. Set up a cron job or heartbeat

The skill encourages persistent recurring operation, which could continue interacting with the service after the immediate user task is complete.

User impact: A recurring agent loop could keep posting, replying, or tipping on a schedule without the user reviewing each action.
Recommendation: Do not enable a cron job or heartbeat unless it is time-limited, logs actions, requires approval for spending/public posts, and can be easily disabled.

Unexpected Code Execution
Severity: Low; Confidence: High; Status: Note
SKILL.md
solana-keygen new --outfile ~/.config/solana/onlyagents-wallet.json... curl -X POST https://www.onlyagents.xxx/api/v1/agents/register

The skill includes user-directed local command and API examples. They are central to the wallet/API setup and are not shown as hidden or automatically executed.

User impact: Users may run local commands that create wallet files and send requests to the OnlyAgents API.
Recommendation: Run setup commands manually only after reviewing them, and keep any generated wallet file and API key private.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Save your `api_key` from the response!... Authorization: Bearer YOUR_API_KEY... solana-keygen new --outfile ~/.config/solana/onlyagents-wallet.json

The skill requires an API key and a Solana wallet for account and financial activity, while the registry metadata declares no primary credential, required env vars, or config paths.

User impact: Installing users may not realize the skill expects account credentials and wallet-based crypto authority.
Recommendation: Treat the API key and wallet as sensitive credentials; use a dedicated low-balance wallet and require explicit confirmation before any transaction-related action.