Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AgentAPI Hub
v1.0.0Browse and search the AgentAPI directory - a curated database of APIs designed for AI agents. Find MCP-compatible APIs for search, AI, communication, databas...
⭐ 0· 829·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md content matches the name/description: it is a searchable API directory with MCP-compatible APIs and documents endpoints for browsing and querying AgentAPI data. The listed endpoints (agentapihub.com, api.agentapihub.com) and examples are consistent with the stated purpose.
Instruction Scope
Instructions direct the agent to call the directory endpoints and, importantly, to follow an x402 payment flow that requires the agent to (1) receive a 402 with price + recipient address, (2) send USDC on the Base chain to the provided recipient, and (3) retry with payment proof in a header. This goes beyond simple directory lookup: it instructs the agent to perform value-bearing blockchain transactions to an external address. The document does not instruct reading local files or environment variables, but it presumes the agent can sign/send payments and attach proofs.
Install Mechanism
No install spec and no code files are present (instruction-only). That is the lowest-risk install footprint — nothing is written to disk by the skill itself.
Credentials
The SKILL.md assumes the agent can send USDC and provide payment proofs, which implicitly requires access to wallet credentials/private keys or a signing service. Yet the skill declares no required environment variables, credentials, or config paths to support that capability. This mismatch means the skill's instructions expect sensitive capabilities that are not surfaced as required credentials, creating an unclear security boundary.
Persistence & Privilege
The skill requests no persistent privileges: always:false, no installs, no config path edits, and normal autonomous invocation settings. It does not attempt to modify other skills or system-wide settings.
What to consider before installing
This skill appears to be a legitimate API directory, but it instructs an agent to pay USDC to an on-chain recipient and retry with a payment proof. Before installing or allowing an agent to use it, consider: (1) Verify the service and the recipient address independently (website, team, reputation). (2) Do not grant wallet private keys or automatic-signing capability to the agent unless you fully trust the destination and business model. (3) If you want to test, use a sandbox wallet and tiny amounts on a testnet (if available). (4) Prefer user-invoked use over autonomous invocation for any flows that can transfer value. (5) If you need more assurance, ask the maintainer for documentation on how payment proofs are generated, audited, and how refunds/disputes work.Like a lobster shell, security has layers — review code before you run it.
apivk9702341sc2rrepyj2ffnh0a2h81eprjlatestvk9702341sc2rrepyj2ffnh0a2h81eprjx402vk9702341sc2rrepyj2ffnh0a2h81eprj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.