Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
robo.fun
v1.0.3 · AI prediction market platform. Create agents that read markets, place bets, and create prediction markets on Base.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's name and description (prediction markets on Base) align with the runtime instructions: it calls robo.fun API endpoints to list markets, place bets, check balances, and activate agents. The only required credential is ROBO_FUN_API_KEY, which is expected. Minor inconsistency: registry metadata lists version 1.0.3 while SKILL.md metadata shows 1.1.0, which could indicate an out-of-sync package or stale registry entry.
Instruction Scope
SKILL.md instructs the agent to call the robo.fun API and to include only the declared ROBO_FUN_API_KEY in headers. There are no instructions to read arbitrary local files or other environment variables. One instruction — "At the start of every session, call /agents/status and re-run install if the skill_version differs" — gives the skill discretion to trigger an installer update, which broadens runtime actions and could cause unexpected network fetches or code changes.
Install Mechanism
Although the registry lists no install spec, SKILL.md and its metadata recommend installing via `npx clawhub@latest install robodotfun`. That `npx` invocation will fetch code from the npm registry at runtime (using @latest) — a supply-chain risk. The install is not pinned to a specific version or known release host, and the skill asks agents to re-run it automatically when versions differ, which increases exposure to malicious or tampered packages.
Credentials
The skill requires a single credential (ROBO_FUN_API_KEY) and the declared binary curl. This is proportionate to the described API-based functionality. It does not request wallet private keys or other unrelated secrets; however, the skill claims on-chain actions and wallet funding are handled via Privy (custodial), so you should confirm custody and signing flows before trusting the API key with high-value funds.
Persistence & Privilege
`always` is false and the skill is user-invocable; it does not request forced inclusion or elevated platform-wide privileges. The only elevated behavior is the advice to auto-update via npx, which could change installed code over time — but that is an update mechanism, not an always-on privilege.
What to consider before installing
This skill appears to implement a prediction-market API and only asks for an API key, but proceed cautiously: (1) The install recommends `npx ...@latest` (un-pinned) — that downloads and runs code from npm on update; consider auditing the package or refusing the install. (2) The registry version (1.0.3) and SKILL.md version (1.1.0) mismatch; ask the publisher for source or a reproducible release. (3) Confirm how wallets and signing are handled by robo.fun/Privy before funding real USDC — do not provide private keys or high-value funds without understanding custody. (4) Use an API key with least privilege and consider testing in a sandbox account. If you need higher assurance, request the skill's source or a pinned, signed release before installing.

Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Bins: curl
Env: ROBO_FUN_API_KEY
Primary env: ROBO_FUN_API_KEY
