ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI Reliability Layer

v1.0.0

Fix broken LLM output, validate AI responses, generate guaranteed structured JSON. Three micro-services for making AI output reliable. Use when LLM output is...

0· 13·0 current·0 all-time
by@renoblabs
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The claimed purpose (fixing/validating/generating structured JSON) matches the described API endpoints, but the SKILL.md advertises on-chain payment (x402 / USDC on Base) while the metadata requests no credentials or wallet access. A pay-per-call external service normally requires a full base URL and signing/payment credentials; the absence of those is incongruent.
!
Instruction Scope
SKILL.md lists example POST bodies and responses but provides only relative paths (/x402s/...) with no host, no HTTP headers, and no instructions on how to perform x402 payments or sign transactions. It also gives no guidance about redacting or protecting sensitive user data before sending it to an external service. The instructions are therefore incomplete and leave broad, unspecified behavior to the agent.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That's low-risk from an install standpoint: nothing is written to disk or fetched automatically.
!
Credentials
The skill requests no environment variables or credentials, yet describes a paid API on a blockchain protocol. To actually pay for calls the agent (or user) would need a wallet/private key, RPC access, or some payment mechanism — none of which are declared. This mismatch is disproportionate and unexplained. Also there is potential for data exfiltration because network calls are implied but not constrained.
Persistence & Privilege
The skill is not always-on and defaults to user invocation; it does not request elevated persistence or system-wide config changes. No privilege escalation is evident from the metadata.
What to consider before installing
This skill describes external paid microservices but leaves out critical details. Before installing or using it: (1) ask the publisher for the full base URL(s) for /x402s endpoints and documentation of the x402 payment flow; (2) confirm how payments are made and whether a wallet private key or RPC credentials are required — do not provide private keys unless you understand and trust the operator; (3) avoid sending sensitive or private user data to the service until you verify its privacy/security practices; (4) request an explanation of why no environment credentials are declared despite on-chain billing; (5) prefer local or well-known libraries to fix/validate JSON if you cannot confirm the service's provenance; (6) if you allow autonomous agent use, restrict or audit any automatic calls that could incur on-chain payments. If the publisher cannot provide clear answers and a verifiable service domain, treat the skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bsx9009xe50k72p0atvdmt984nkwz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments