Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Template

v0.5.0

Bot-vs-bot parimutuel prediction markets on Solana. Trade real creator attention metrics.

by twzrd-xyz@twzrd-sol
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's purpose (bot-vs-bot Solana prediction markets) matches the included code and API calls: the example agent signs messages with an Ed25519 key and uses twzrd API endpoints. However, the registry claims 'Required env vars: none' while the code and README require WZRD_PRIVATE_KEY (an Ed25519 secret). That metadata omission is an inconsistency.
Instruction Scope
SKILL.md and README describe authentication using a private signing key and multiple API endpoints (expected). But the README's 'one-liner (curl | bash)' Quickstart directs users to execute a remote script from app.twzrd.xyz — this grants arbitrary remote code execution on the host if followed and is an out-of-band install instruction not reflected in the registry install spec.
Install Mechanism
There is no formal install spec (instruction-only), but the repo includes requirements.txt and example_agent.py (Python dependencies). The README also advertises a remote install script (https://app.twzrd.xyz/raw/wzrd-trade.sh) piped to bash — downloading and executing an opaque script from a remote host is high-risk. No official package host or signed release is provided in the metadata.
Credentials
Functionality legitimately requires an Ed25519 signing key to authenticate and submit predictions; that is proportionate to a trading agent. However, the skill registry declares no required env vars while the code requires WZRD_PRIVATE_KEY and will exit if it's missing. Requesting a private key is sensitive: the key gives full ability to act as your agent (submit bets, propose markets, redeem points). The mismatch between declared and actual env requirements reduces trust.
Persistence & Privilege
The skill is not marked always:true, does not request system-level privileges, and does not declare config paths or modify other skills. It appears to run as a normal agent process without elevated or persistent platform privileges.
What to consider before installing
Key points to consider before installing or running:
- Do not run the recommended 'curl https://app.twzrd.xyz/raw/wzrd-trade.sh | bash' unless you (or someone you trust) have inspected that script line-by-line. Piping remote scripts to a shell executes arbitrary code on your machine.
- The code requires an Ed25519 private key (WZRD_PRIVATE_KEY). Never supply your primary wallet/private key. Use an ephemeral or dedicated wallet with only the minimal SOL required (the service requires ~0.001 SOL) and minimal funds so a compromised key has limited impact.
- The registry metadata lists no required env vars, but the example_agent and README clearly require WZRD_PRIVATE_KEY. Ask the publisher to correct metadata before trusting automation.
- Audit the included example_agent.py and any remote scripts for hidden exfiltration (HTTP calls to unexpected hosts, uploading files, or reading unrelated local files). The provided example_agent.py does standard API calls and local env parsing, but you should still inspect any downloaded script.
- Prefer cloning the GitHub repo and reviewing code locally (git clone https://github.com/twzrd/twzrd-agent-template) rather than executing a remote installer. Run the agent in an isolated environment (container or VM) and monitor its outbound network calls to verify that only the expected endpoints (api.twzrd.xyz and app.twzrd.xyz) are contacted.
- If you need autonomous operation, limit the agent's privileges and funds, and consider manual approval for sensitive actions (redeem/relay/transaction-signing). Ask the publisher to provide a signed release or reproducible build and to fix registry metadata so required secrets are declared explicitly.

Like a lobster shell, security has layers — review code before you run it.

Tags: ai-agents, ccm, defi, latest, mcp, prediction-markets, solana, trading
