Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mine Skill

v0.19.2

Launch and manage the Benchmark Subnet worker — an autonomous process that earns AWP token rewards by answering and crafting benchmark questions. Handles the...

by awp-core@kilb
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (benchmark worker) align with the required binaries (awp-wallet, python3, curl, jq, sha256sum) and with the bundled scripts, which poll the Benchmark API, create questions and answers, and drive the OpenClaw agent CLI. However, SKILL.md repeatedly claims "Zero env vars needed" while the scripts expect a secret (WALLET_PASSWORD, via the secret store) and create and consume AWP_SESSION_TOKEN and WALLET_ADDRESS. That mismatch between the documentation and the actual runtime needs does not by itself indicate malicious intent, but it understates the skill's secret footprint.
Instruction Scope
Runtime instructions and scripts perform broad system actions: create a dedicated agent, run a background Python worker, unlock the local wallet, call awp-wallet (unlock, receive, sign-message), and call the benchmark API. The Python worker copies the full process environment into sub_env and passes it to its subprocesses, so any unrelated secret present in the launching shell becomes visible to every child process, and those processes make network calls to BENCHMARK_API_URL. SKILL.md also instructs the agent to use the OpenClaw agent CLI and to read and write files under /tmp; both are expected for this use case but widen the skill's scope well beyond simple query/response logic.
Install Mechanism
There is no install spec (instruction-only with bundled scripts). Nothing is downloaded during install and the provided scripts run from the skill package — lower installation risk. The code is included in the skill bundle for review.
Credentials
requires.env is empty, yet the scripts rely on secrets and runtime environment values: WALLET_PASSWORD is consumed by awp-wallet unlock via the secret store, while AWP_SESSION_TOKEN and WALLET_ADDRESS are created and exported at runtime. The Python script passes the entire os.environ to subprocesses. The skill therefore needs wallet-unlocking credentials (or a secret injected by the platform) to function; this is not declared up front, so the real secret footprint is larger than the metadata says.
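The mismatch described here (empty requires.env versus scripts that read WALLET_PASSWORD, default BENCHMARK_API_URL, and export AWP_SESSION_TOKEN and WALLET_ADDRESS) is something you can check mechanically before installing any skill. The following is an added example written for this page, not code from the Mine Skill bundle or from ClawHub: it scans constructed stand-in script bodies for environment variable reads and writes and reports what the metadata fails to declare. The two sample files, their exact contents, and the way awp-wallet receives the password are assumptions made for the demonstration; the real skill's files are not reproduced here.

```python
"""Audit which environment variables a skill's bundled scripts actually read
and compare that with what the skill metadata declares.

Added example, not part of this ClawHub page or of the Mine Skill bundle.
The two file bodies below are constructed stand-ins that mirror what the scan
describes; the real scripts, and how awp-wallet actually receives the
password, are not known from the page and are assumptions here.
"""
import re

SAMPLE_FILES = {
    # Constructed shell wrapper (not the skill's real start script).
    "scripts/start.sh": r'''
#!/bin/sh
set -eu
API="${BENCHMARK_API_URL:-https://tapis1.awp.sh}"
printf '%s' "$WALLET_PASSWORD" | awp-wallet unlock      # password delivery is an assumption
export AWP_SESSION_TOKEN="$(curl -s "$API/session" | jq -r .token)"
export WALLET_ADDRESS="$(awp-wallet receive)"
''',
    # Constructed Python worker fragment (not the skill's real worker).
    "scripts/worker.py": '''
import os, subprocess
sub_env = os.environ.copy()
api = os.environ.get("BENCHMARK_API_URL", "https://tapis1.awp.sh")
token = os.environ["AWP_SESSION_TOKEN"]
subprocess.run(["openclaw", "agent", "run"], env=sub_env)
''',
}

VAR = r'([A-Z_][A-Z0-9_]*)'
# Python reads: os.environ["X"], os.environ.get("X"), os.getenv("X")
PY_REF = re.compile(r'os\.(?:environ(?:\.get)?\s*[\[\(]|getenv\s*\()\s*["\']' + VAR + r'["\']')
# Python writes: os.environ["X"] = ...
PY_ASSIGN = re.compile(r'os\.environ\s*\[\s*["\']' + VAR + r'["\']\s*\]\s*=(?!=)')
# Whole-environment hand-off to children, the pattern the scan flags
FULL_ENV = re.compile(r'os\.environ\.copy\(\)|dict\(\s*os\.environ\s*\)|env\s*=\s*os\.environ\b')
# Shell reads: $X, ${X}, ${X:-default}; a ":-" default marks the variable optional
SH_REF = re.compile(r'\$\{?' + VAR + r'(:-)?')
# Shell writes at line start: X=... (script-local) or export X=... (created for later consumers)
SH_ASSIGN = re.compile(r'^\s*(export\s+)?' + VAR + r'=', re.M)


def audit(files, declared):
    """Classify env var use across the bundle and report what the metadata omits."""
    required, optional, produced, local = set(), set(), set(), set()
    full_env_copies = []
    for path, text in files.items():
        if path.endswith(".py"):
            for m in PY_REF.finditer(text):
                target = optional if (".get" in m.group(0) or "getenv" in m.group(0)) else required
                target.add(m.group(1))
            produced.update(PY_ASSIGN.findall(text))
            if FULL_ENV.search(text):
                full_env_copies.append(path)
        else:
            for m in SH_ASSIGN.finditer(text):
                (produced if m.group(1) else local).add(m.group(2))
            for m in SH_REF.finditer(text):
                (optional if m.group(2) else required).add(m.group(1))
    required -= local                 # script-local shell variables are not inputs
    optional -= local | required      # read as required anywhere => required
    external_required = required - produced
    external_optional = optional - produced
    return {
        "runtime_created": produced,
        "external_required": external_required,
        "external_optional": external_optional,
        "undeclared": (external_required | external_optional) - set(declared),
        "full_env_copies": full_env_copies,
    }


if __name__ == "__main__":
    # requires.env is empty on this skill, so nothing is declared.
    for key, value in audit(SAMPLE_FILES, []).items():
        print(f"{key}: {sorted(value)}")
```

Run against the constructed bundle with an empty declared list, the audit reports WALLET_PASSWORD as an undeclared required input, BENCHMARK_API_URL as an undeclared optional one, AWP_SESSION_TOKEN and WALLET_ADDRESS as values the scripts create at runtime, and scripts/worker.py as the file that forwards the whole environment. The regexes are deliberately simple and will miss indirect reads (for example variables named from a computed string), so treat a clean result as a starting point, not proof.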
Persistence & Privilege
always:false (normal). The skill runs background processes, writes status, history and log files to /tmp, and can create an OpenClaw agent (openclaw agents add). Creating an agent and running a background worker are consistent with the intended function, but they are persistent actions with ongoing access to the local wallet (while it is unlocked) and ongoing network activity, so the operational risk is higher than for a one-off command.
What to consider before installing
This skill appears to implement the benchmark worker it claims to, but check the following before installing:
1) It requires and will use your local awp-wallet and will attempt to unlock it (it expects WALLET_PASSWORD, or a secret injected by the platform). Once unlocked, the wallet can service the sign-message calls the scripts make, so only provide the secret if you trust both the awp-wallet binary and the BENCHMARK_API_URL endpoint.
2) The scripts copy the entire environment and pass it to child processes, which can expose unrelated secrets (other API tokens or cloud credentials sitting in the same shell) to the worker or to any subprocess that makes network calls. Start the worker from a clean environment, ideally an isolated container.
3) Verify that BENCHMARK_API_URL (default https://tapis1.awp.sh) is the endpoint you intend to trust; the worker's network calls go there.
4) SKILL.md claims "zero env vars needed", but the code expects wallet secrets. Treat that documentation mismatch as a red flag and confirm exactly how your platform injects the wallet password and session token before running anything.
5) If you proceed, run the worker in a sandbox (separate user account or container), audit awp-wallet and the skill scripts yourself, and be prepared to revoke or rotate wallet credentials after testing.
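Point 2 above, and the Instruction Scope finding it summarises, come down to one line in the worker: the child environment is a copy of the parent's. The following is an added example written for this page, not code from the Mine Skill bundle or from OpenClaw. It places that pattern beside an allowlisted alternative, then spawns a real child process with each environment to show what it can observe. SAMPLE_PARENT_ENV and ALLOWED_FOR_CHILDREN are constructed for the demonstration; which variables the real worker's children need is an assumption.

```python
"""Contain what a background worker hands to its child processes.

Added example, not code from the Mine Skill bundle or from OpenClaw. The scan
reports that the worker copies the whole process environment into sub_env and
passes it to subprocesses; this shows that pattern beside an allowlisted
alternative. SAMPLE_PARENT_ENV and ALLOWED_FOR_CHILDREN are constructed for
the demonstration.
"""
import json
import os
import subprocess
import sys

# Constructed parent environment: a developer shell that happens to hold
# unrelated credentials next to the variables the worker genuinely needs.
# PATH is taken from the real environment only so the child interpreter starts.
SAMPLE_PARENT_ENV = {
    "PATH": os.environ.get("PATH", "/usr/bin:/bin"),
    "HOME": "/home/user",
    "BENCHMARK_API_URL": "https://tapis1.awp.sh",
    "AWP_SESSION_TOKEN": "session-placeholder",
    "WALLET_ADDRESS": "address-placeholder",
    "WALLET_PASSWORD": "password-placeholder",      # should never reach a child
    "AWS_SECRET_ACCESS_KEY": "aws-placeholder",     # unrelated to the skill
    "GITHUB_TOKEN": "gh-placeholder",               # unrelated to the skill
}

# Variables the worker's children are assumed to need. The wallet password is
# deliberately absent: it belongs to the awp-wallet unlock step, not to every child.
ALLOWED_FOR_CHILDREN = ("PATH", "HOME", "BENCHMARK_API_URL", "AWP_SESSION_TOKEN", "WALLET_ADDRESS")


def env_copy_everything(parent_env):
    """The pattern the scan flags (sub_env = os.environ.copy()): everything reaches the child."""
    return dict(parent_env)


def env_allowlisted(parent_env, allowed=ALLOWED_FOR_CHILDREN):
    """Hardened form: build the child environment from an explicit allowlist only."""
    return {name: parent_env[name] for name in allowed if name in parent_env}


def leaked_names(parent_env, child_env, allowed=ALLOWED_FOR_CHILDREN):
    """Parent variables that reach the child despite being outside the allowlist."""
    return sorted(name for name in child_env if name in parent_env and name not in allowed)


def names_seen_by_child(env):
    """Spawn a real child with `env` and return the variable names it observes."""
    proc = subprocess.run(
        [sys.executable, "-c", "import os, json; print(json.dumps(sorted(os.environ)))"],
        env=env, capture_output=True, text=True, check=True,
    )
    return set(json.loads(proc.stdout))


if __name__ == "__main__":
    full = env_copy_everything(SAMPLE_PARENT_ENV)
    safe = env_allowlisted(SAMPLE_PARENT_ENV)
    print("leaked with full copy:", leaked_names(SAMPLE_PARENT_ENV, full))
    print("leaked with allowlist:", leaked_names(SAMPLE_PARENT_ENV, safe))
    print("child sees (allowlist):", sorted(names_seen_by_child(safe)))
```

With the full copy the child observes WALLET_PASSWORD, AWS_SECRET_ACCESS_KEY and GITHUB_TOKEN; with the allowlist it observes only the five named variables (plus whatever the interpreter itself adds, such as a coerced locale setting). Note that the allowlist still forwards AWP_SESSION_TOKEN to every child, so narrow it per subprocess where you can, and deliver the wallet password to the awp-wallet unlock step alone rather than exporting it into the worker's environment.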


latest: vk9767cwbj9q0569v1fe75a6hrh83aynk


Runtime requirements

🐙 Clawdis
Bins: curl, jq, sha256sum, awp-wallet, python3
