ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

aiusd-core

v1.0.0

AIUSD Core — structured trading tools and account management for AI agents. Use when user wants to buy/sell assets, check balances, stake, or manage positions.

0· 154·0 current·0 all-time
bytech@aiusd@tech-fe-aiusd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, required binary (node), and CLI-focused instructions align: a trading/account-management skill legitimately needs node and a CLI entrypoint (npx aiusd-core). No unrelated credentials or binaries are requested.
!
Instruction Scope
The SKILL.md instructs the agent to run npx -y aiusd-core (dynamic remote code execution), to follow CLI-provided 'next_steps' automatically without re-confirmation, and to use restore flows that accept a local mnemonic file path. Those steps expand the agent's effective privileges (can run whatever the npm package does, read a specified backup path) and can lead to executing additional actions without explicit user reconfirmation.
!
Install Mechanism
There is no install spec, but runtime use of `npx -y aiusd-core` means the agent will fetch and execute code from the npm registry on demand. npx execution of an external package is a moderate-to-high risk vector (arbitrary remote code executed each run) and there is no integrity / pinned version or verifiable checksum provided in the skill.
Credentials
The skill declares no required env vars, which is reasonable. However, the instructions imply handling authentication tokens, wallets, and optional mnemonic restore files (local path). Those are sensitive operations (wallet creation, token storage, and reading mnemonic backups) and the skill gives guidance for performing them but does not describe where tokens are stored or how file access is constrained.
!
Persistence & Privilege
always:false (good), but the skill allows autonomous invocation (platform default). Combined with the ability to run `npx` (remote code) and the rule to auto-execute 'next_steps' returned by the CLI without re-confirmation, this creates a higher blast radius: the agent could autonomously run fetched code that performs trades or reads backup files. This combination raises operational risk for funds and secrets.
What to consider before installing
This skill is coherent with its stated purpose (a CLI trading toolkit) but carries non-trivial risks: it instructs the agent to fetch and run an npm package at runtime (npx), may read backup mnemonic files if asked, and directs the agent to execute CLI 'next_steps' without re-confirmation. Before installing, verify the npm package identity and source (official npm package name, publisher, and published code), prefer a pinned/versioned install rather than unpinned `npx -y`, require explicit user confirmation for every trade and for any restore-from-file action, and avoid allowing autonomous invocation for this skill unless you trust the package and have reviewed its code. If you plan to use it, ask the publisher for the package repository URL, a reproducible build or checksum, and details about how authentication tokens and mnemonic backups are stored and protected.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dqv3z2fk6ny058kzcrnye0s830ht9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💰 Clawdis
Binsnode

Comments