Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alpha Finder (x402)

v1.0.0

Market Oracle for prediction market intelligence - Polymarket and Kalshi research, probability assessments, market sentiment analysis, and arbitrage opportunity identification. Use when users want to research prediction markets, analyze betting odds, or find market inefficiencies. Costs $0.03 USDC per request via x402 protocol on Base network.

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability
The description (market oracle, $0.03 per request via x402) implies on‑chain payments and therefore a private key is plausible — but the registry metadata lists no required env vars or credentials. The SKILL.md and the script both require an X402 private key and discuss Base/USDC payments; that credential requirement is missing from the declared metadata, which is an incoherence.
Instruction Scope
The SKILL.md instructs the user to place a raw private key in an env var or plaintext config file (~/.x402-config.json or other locations). The included script reads multiple filesystem locations (./, $HOME, $PWD) for the config and exports X402_PRIVATE_KEY into the environment before invoking remote code. The instructions therefore encourage storing and exposing a private key in widely accessible places and do not constrain or limit where the secret may flow.
Install Mechanism
There is no install spec, but the runtime script calls 'npx -y @itzannetos/x402-tools-claude ...', which will fetch and execute arbitrary code from the npm registry at runtime. That dynamic download/execute behavior is high risk and is not declared in the registry metadata. The script also depends on tools (npx/npm, jq) that are not declared as required binaries.
Credentials
The skill effectively requires a sensitive credential (X402 private key) and suggests storing it in plaintext in the home directory or passing it via env var; yet the registry metadata lists no required env variables. Passing a private key to unvetted remote code (via env) is disproportionate. Storing a private key in common locations (~/.x402-config.json, ./) increases risk of accidental exposure or exfiltration by other processes.
Persistence & Privilege
The skill does not request 'always: true' and does not declare persistent installation. However, it recommends writing a persistent config file (~/.x402-config.json) which creates long-lived secret material on disk. The remote npx invocation could also install packages into npm cache but the skill itself does not request system-wide persistence or modify other skill configs.
What to consider before installing
This skill is suspicious because it asks for a sensitive private key (not declared in registry metadata) and then uses npx to download and run a third‑party npm package at runtime. npx -y runs unvetted code which could exfiltrate any environment variables or files it has access to. Before using this skill:

1) Do not store your main wallet private key in plaintext; use an ephemeral key with minimal funds and permissions if you must test.
2) Inspect the npm package @itzannetos/x402-tools-claude source (on npm/GitHub) and review what it does with X402_PRIVATE_KEY.
3) Require the skill owner to declare required env vars and binaries (jq, npx) in metadata and to provide a vetted install mechanism or vendored code instead of runtime npx.
4) Prefer running this script in an isolated environment (air‑gapped VM or container) if you must try it.
5) If you cannot verify the npm package and the author's identity, avoid providing any private key or wallet with real funds.

Additional information that would change the assessment: an explicit, auditable install artifact (no runtime npx), published source code for @itzannetos/x402-tools-claude that you or a reviewer can inspect, or removal of the need to provide a private key.


Tags: arbitrage, finance, kalshi, latest, market-intelligence, polymarket, prediction-markets, trading, x402

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
