Loopuman Human Tasks

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is clearly for paid human-task outsourcing, but it lets an agent spend a funded balance and send arbitrary task content to anonymous workers without documented approval, privacy, or spending boundaries.

Only install or enable this skill if you are comfortable with your agent sending selected task content to outside human workers and spending prepaid funds. Use a dedicated low-balance API key, require confirmation before each paid task, and avoid sending sensitive or confidential information.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could spend your funded balance on human tasks without a clear approval checkpoint.

Why it was flagged

The skill gives the agent a paid task-posting capability. The artifacts do not require a user confirmation step, spending cap, or review before the agent spends balance on a task.

Skill content

Ask a human worker to complete a task and wait for their response. ... `budget_cents` (integer, required): Payment in cents. Minimum 10 ($0.10).

Recommendation

Require explicit user approval for each paid task, set per-task and daily spending limits, and log all posted tasks and costs.

What this means

If the key is misused or overused, the agent or anyone with the key could spend the account’s prepaid funds.

Why it was flagged

The API key is not just a login token; the artifact says it can control a funded balance that the agent spends. No scope, revocation, or budget-boundary guidance is provided.

Skill content

Set environment variable: `LOOPUMAN_API_KEY=your_key_here` ... Pre-funded: Have a human fund your API key, then agent spends the balance.

Recommendation

Use a low-balance dedicated key, rotate it regularly, declare it as a required credential, and enforce spending limits outside the model.

What this means

Private, confidential, or regulated information could be exposed to unknown human workers if included in a task description.

Why it was flagged

Task content may be sent to external anonymous human workers. The artifact does not explain what data is safe to include, how to redact private information, or what privacy boundaries apply.

Skill content

`task` (string, required): Clear description of what you need the human to do ... `worker_id`: Anonymous worker identifier

Recommendation

Add clear instructions to avoid sensitive data, redact inputs by default, obtain user consent before sharing content, and document worker/privacy handling.

What this means

You cannot verify from these artifacts how the described tool calls are implemented or whether any linked SDK/MCP package behaves as expected.

Why it was flagged

There is no runnable code in the submitted artifacts, and the package source is not identified in metadata. This limits review of the actual implementation behind the described tools.

Skill content

Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill. ... No code files present

Recommendation

Verify the provider domain and any SDK/MCP package separately before use, and prefer pinned, reviewed implementations.