Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

Pact Skill

v0.3.0

PACT — Protocol for Agent Constitutional Trust. Five-chamber agent-to-agent trust and negotiation protocol. Handles identity verification, intent analysis, c...

by Godman Protocols (@skingem1)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The description claims on‑chain attestations (EAS on Base), EIP‑712 dual signatures, DID resolution, ERC‑8004 verification, and HMAC session tokens. Those capabilities normally require private keys, RPC endpoints, and an SDK/library; the registry metadata declares no env vars, no installs, and no primary credential, which is disproportionate to the stated purpose.
Instruction Scope
The SKILL.md contains runtime guidance and a TypeScript import for '@godman-protocols/sdk', and it references identity verification, signing, and on-chain attestations. These instructions implicitly require access to keys, network endpoints, and signing facilities, but they do not specify which files, env vars, or endpoints to use. The prose also references integrations (LAX, DRS) without naming any endpoints; this vagueness leaves the agent broad discretion.
Install Mechanism
This is an instruction-only skill with no install spec. That can be acceptable, but the SKILL.md explicitly imports an SDK package; without an install or dependency list, it is unclear whether the runtime environment actually provides the required SDK or how it will be obtained. The lack of a verified source or homepage adds to the uncertainty.
Credentials
No environment variables, credentials, or config paths are declared, yet the protocol described requires signing keys (for EIP-712), secrets for HMAC, and blockchain RPC/provider access for attestations. The absence of any declared secret or primary credential is disproportionate to that scope and could mask a later, undisclosed requirement to supply sensitive keys.
Persistence & Privilege
The skill is not marked 'always' and is user-invocable (the defaults). According to the metadata, it does not request persistent system configuration or modify other skills. Autonomous invocation is allowed (platform default), but here it is not combined with an 'always' flag or any declared broad privileges.
What to consider before installing
This skill's description expects on-chain signing, DID resolution, and secret keys, but the package declares no installs or environment variables. Before installing or enabling it:
1) Ask the publisher for a homepage, source code, and an explicit list of required env vars (wallet keys, RPC URLs, SDKs, endpoints).
2) Require the SDK to come from a trusted registry (npm/GitHub release) and inspect its code for where keys are used or transmitted.
3) Do not supply private keys or long-lived credentials until you can verify the implementation; use ephemeral/test keys in an isolated environment first.
4) Request a clear privacy/audit statement about on-chain attestations and any external endpoints (LAX/DRS).
These steps reduce the ambiguity and the risk of secret exfiltration or unexpected on-chain actions.
