Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
cpbox-suggest
v1.0.0
USE FOR query autocomplete/suggestions. Fast (<100ms). Returns suggested queries as user types. Supports rich suggestions with entity info. Typo-resilient.
by springmint@sprintmint
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name, description, endpoints, parameters, and response fields all align with a query-autocomplete/suggest service. No unrelated environment variables, binaries, or config paths are declared.
Instruction Scope
Most instructions stay within the suggest/HTTP API scope (GET to https://www.cpbox.io/api/x402/suggest). However the doc recommends using third‑party SDKs (e.g., npx @springmint/x402-payment or x402-sdk-go) to perform payment signing — this instructs the operator/agent to execute code fetched from npm or other tooling and to perform cryptographic signing steps, which widens scope beyond simple HTTP queries.
Install Mechanism
There is no formal install spec (instruction-only), which is low risk. But the Quick Start suggests using npx to run @springmint/x402-payment; npx dynamically downloads and executes code from the npm registry at runtime, which can be a vector for executing remote code if followed. The skill itself does not ship code, but its recommended workflow depends on remote packages.
Credentials
The skill declares no required env vars or credentials, which matches a public suggest API. However the x402 payment flow implies use of a local wallet/key to sign requests; those keys are not declared or explained by the skill. The SKILL.md states 'wallet/keys stay on your machine', but does not describe how signing is performed or what local access is needed, so users must ensure signing is done safely (e.g., with a dedicated wallet) and not exfiltrated.
Persistence & Privilege
No always:true, no requested persistent system presence, and no instructions to modify other skills or system-wide settings. The skill is user-invocable and does not ask to enable itself permanently.
What to consider before installing
This skill is functionally coherent for autocomplete/suggestions and doesn't request credentials, but it directs you to an external payment flow that uses third‑party SDKs (the npx command) and an external facilitator domain. Before installing or running it:
1) verify the reputations of https://www.cpbox.io and https://www.cppay.finance and the @springmint package on npm;
2) do not run npx commands unless you trust and have reviewed the package (npx downloads and executes remote code);
3) keep any signing keys in a secure, isolated wallet and consider using a dedicated low-value key for testing;
4) if you want stronger assurance, ask the publisher for a reproducible install (pinned package version or vendor-provided binary) and audit the x402 SDK source code before using the automatic payment flow.
If you cannot confirm the SDK/package origins, prefer manual payment signing outside of automated agent execution.
latest: vk974s811bsv3g6wvj9hg7z23md83859k
