Find People (x402)
v1.0.0
Open Source Intelligence (OSINT) tool for researching individuals - professional backgrounds, career timelines, due diligence, competitive intelligence, and investor research. Use when users need to research people, verify credentials, or gather professional information. Costs $0.15 USDC per request via x402 protocol on Base network.
⭐ 5 · 2.2k · 1 current · 1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw verdict: Suspicious (medium confidence)
Purpose & Capability
The skill claims to be an OSINT 'find people' tool that charges via the x402 protocol, which plausibly requires a payment key, yet the registry metadata lists no required environment variables or credentials. The included script and the documentation in SKILL.md explicitly require an X402 private key and call out Base/USDC payments. The script also requires jq and Node/npm (npx) at runtime, but the metadata declares no required binaries. These mismatches indicate that the declared metadata is incomplete or misleading.
Instruction Scope
SKILL.md instructs the user to place a private key in an environment variable or in a config file in the home or current directory. The script reads config files from multiple locations ($HOME, PWD), exports X402_PRIVATE_KEY, then runs 'npx -y @itzannetos/x402-tools-claude find-people "$QUERY"'. The script itself does not transmit the key, but an exported variable is inherited by every child process, so the npm package fetched at runtime, its dependencies, and any install scripts they declare can read and exfiltrate the private key or other data. The instructions also recommend creating a plaintext file in the home directory for a private key, which is a risky practice.
Install Mechanism
There is no install spec, but the script uses 'npx -y', which fetches and executes @itzannetos/x402-tools-claude from the npm registry at runtime. This is a moderate-to-high risk action because it runs unverified remote code, and because no version is pinned, the code that runs is whatever is published under that name at invocation time. The npm package author/publisher is not documented in the skill metadata or homepage, and the package name does not obviously match the skill owner. The script also relies on jq and Node/npm, but those binaries are not declared in metadata.
Credentials
The skill requires a sensitive X402 private key (used to pay USDC on Base), but the registry metadata lists no required env vars or primary credential. Asking users to store a blockchain private key as plaintext in ~/.x402-config.json or an env var is disproportionate without strong safeguards. The skill reads config files in multiple locations, which can increase accidental exposure if run in shared contexts. No justification is provided for why a raw private key is necessary versus a safer payment/auth pattern.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system settings. Autonomous invocation is allowed (platform default) — note that if an agent has access to the private key and can autonomously invoke the skill, the risk increases, but that is a platform-level consideration rather than a direct misconfiguration of this skill.
What to consider before installing
What to consider before installing/using this skill:
- Do not upload or paste your main blockchain private key unless you fully trust the code and publisher. The skill instructs you to store the private key in an env var or plaintext file (~/.x402-config.json), which is high-risk.
- The script runs 'npx -y @itzannetos/x402-tools-claude', which downloads and executes code from npm at runtime. That package could read and exfiltrate any local files or keys available to the process.
- Metadata is inconsistent: the registry claims no required credentials/binaries, but the README/script require a private key, jq, and Node/npm. This mismatch is a red flag.
- If you must test: use an isolated environment (VM/container) and a throwaway wallet with minimal funds/USDC; audit the npm package source (and its maintainer) before running; ensure jq and Node versions are safe; prefer running the npm package code locally after review rather than via npx.
- Ask the publisher for missing details: the npm package repository URL, package maintainer identity, why a raw private key is required, and whether a delegated/authenticated payment mechanism (wallet connect, signing via hardware wallet, or ephemeral key) is supported.
- If you are uncomfortable supplying a private key or executing unverified remote code, do not install or run this skill.
Like a lobster shell, security has layers — review code before you run it.
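The pre-flight below is an added example written for this page; it is not the skill's script and not code from its publisher. It turns the advice above into gates a cautious user could run before invoking the skill: accept the key file only when it sits directly in $HOME (never the working directory), only when it is mode 600, only when the key is 32 bytes of hex, and only run a package spec pinned to an exact version rather than a bare name that 'npx -y' would resolve to whatever is current. The config field name privateKey, the version 1.2.3 and the sample key in the comments are assumptions; the page does not document the real config layout or which npm versions exist.

```shell
#!/bin/sh
# Added example for this page; not the skill's own script.
# Assumed config layout: {"privateKey": "<64 hex chars, optional 0x prefix>"}.

# Accept only a config that sits directly in the home directory, compared after
# symlink resolution, so a file dropped into an untrusted checkout is never used.
# The second argument overrides $HOME so the check can be exercised on a temp dir.
check_config_location() {
    f="$1"
    want="${2:-$HOME}"
    dir=$(cd "$(dirname "$f")" 2>/dev/null && pwd -P) || return 1
    home=$(cd "$want" 2>/dev/null && pwd -P) || return 1
    [ "$dir" = "$home" ]
}

# Accept only mode 600 (rw-------): a key file readable by group or other on a
# shared host is already exposed. ls -l is used because stat(1) flags differ
# between GNU and BSD.
check_config_perms() {
    f="$1"
    [ -f "$f" ] || return 1
    mode=$(ls -ld "$f" | cut -c2-10)
    [ "$mode" = "rw-------" ]
}

# Pull the key out with sed so the gate itself needs no extra tooling; jq would
# do the same job but is then one more binary to audit.
read_private_key() {
    sed -n 's/.*"privateKey"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# A secp256k1 private key is 32 bytes; anything else is a misconfiguration or a
# placeholder and must not be exported into any process environment.
check_key_format() {
    printf '%s' "$1" | grep -Eq '^(0x)?[0-9a-fA-F]{64}$'
}

# Require an exact version such as @scope/name@1.2.3 (1.2.3 is an assumed value).
# A bare name or a dist-tag like "latest" lets npx fetch whatever is published
# at run time, which is the behaviour the scan flags.
check_pinned_spec() {
    case "$1" in
        ?*@[0-9]*.[0-9]*.[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run every gate. On success the caller may export the key for that one command
# only, e.g.  env X402_PRIVATE_KEY="$key" npx "$spec" find-people "$QUERY"
# after the pinned package has been downloaded and reviewed.
preflight() {
    cfg="$1"
    spec="$2"
    home="${3:-$HOME}"
    check_config_location "$cfg" "$home" || { echo "refuse: config is not in \$HOME" >&2; return 1; }
    check_config_perms "$cfg" || { echo "refuse: config must be mode 600" >&2; return 1; }
    key=$(read_private_key "$cfg")
    check_key_format "$key" || { echo "refuse: privateKey is not 32 bytes of hex" >&2; return 1; }
    check_pinned_spec "$spec" || { echo "refuse: pin the package to an exact version" >&2; return 1; }
    echo "ok: $spec"
}
```

Every gate refuses rather than warns: the point is that a config in the current directory, a group-readable key file, or an unpinned package spec each turns the skill into a channel for someone else's code, and none of them should be recoverable by pressing on.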
Tags: background-check · due-diligence · latest · linkedin · osint · people-search · research · x402
