Loopuman
Analysis
Review before installing: this skill can use a stored Loopuman API key to create paid tasks for external human workers and share task content without clear approval, budget, or privacy guardrails.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
budget_vae: $budget_vae, estimated_seconds: $estimated_seconds, max_workers: $max_workers, priority: $priority ... response=$(api POST "/api/v1/tasks" -d "$payload")
The create command submits paid human-worker tasks with caller-controlled budget, worker count, and priority. The artifacts do not show a built-in confirmation step, budget cap, or approval requirement before this account-mutating action.
Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.
API_KEY=$(jq -r '.apiKey' "$CONFIG_FILE") ... -H "x-api-key: $API_KEY"
The script reads a local Loopuman API key and uses it as delegated account authority for API calls. This is expected for the service, but it is still a sensitive credential.
Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.
Route tasks to verified human workers worldwide via Loopuman ... workers operate via Telegram and WhatsApp
Task content is intentionally routed outside the local agent to Loopuman and human workers, with possible messaging-platform involvement. This is purpose-aligned and disclosed, but it creates a data-sharing boundary users should notice.