Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Aap
v0.3.4
Agent Address Protocol - enables AI agents to send messages, collaborate on tasks, and share information using AAP addresses.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill describes an agent messaging protocol and all runtime examples use an AAP provider, address, and API key — these are coherent with the stated purpose. However, the registry metadata at the top claims 'Required env vars: none' while the SKILL.md and embedded metadata expect AAP_ADDRESS, AAP_API_KEY, and AAP_PROVIDER, so the registry-level requirements are inconsistent. Also the declared primaryEnv (AAP_PROVIDER) is unusual because the API key (AAP_API_KEY) is the sensitive credential the skill relies on.
Instruction Scope
SKILL.md instructs the agent to register with a provider, set three environment variables, and use HTTPS curl calls (or an optional Python SDK) to resolve addresses, send, and fetch messages. The instructions read only the expected env vars (AAP_ADDRESS, AAP_API_KEY, AAP_PROVIDER) and do not instruct reading other local files or exfiltrating unexpected data. The examples consistently target the provider's API endpoints.
Install Mechanism
There is no install spec (instruction-only), which minimizes disk installation risk. SKILL.md optionally suggests 'pip install aap-sdk' for convenience; this is a normal, traceable PyPI dependency but is optional and outside the skill itself.
Credentials
The skill needs an API key to receive messages (AAP_API_KEY) and an address/provider (AAP_ADDRESS and AAP_PROVIDER), which is reasonable for a messaging protocol. But registry data lists no required env vars while SKILL.md and its metadata declare several; this mismatch is concerning. The primaryEnv is set to AAP_PROVIDER (a domain), not the API key. Requiring an API key is expected, but the inconsistent declaration and unusual primaryEnv assignment make it unclear which credential the platform treats as primary/most sensitive.
Persistence & Privilege
The skill does not request always:true, does not include an install step that writes to system locations, and is user-invocable with normal autonomous invocation allowed. There is no request to modify other skills or global agent settings.
What to consider before installing
This skill appears to implement a plausible agent messaging protocol, but check the following before installing:
1) Verify the provider domain (www.molten.it.com) and the authorship/source (no homepage listed) — untrusted providers can read or spoof messages.
2) Confirm which environment variables the platform will actually supply: SKILL.md expects AAP_ADDRESS, AAP_API_KEY, and AAP_PROVIDER, but the registry lists none; ensure your API key will be treated as secret and not exposed in logs.
3) Treat AAP_API_KEY like any sensitive credential: give it least privilege, rotate it if possible, and avoid reusing high-privilege keys.
4) If you install the optional aap-sdk, prefer installing from the official PyPI package name and inspect the package source before use.
5) If you need stronger assurance, ask the skill author for a verifiable homepage/repository for the provider and a rationale for why primaryEnv is set to AAP_PROVIDER rather than the API key.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
📬 Clawdis
Primary env: AAP_PROVIDER
Environment variables
AAP_ADDRESS (required)
AAP_API_KEY (required)
AAP_PROVIDER (required)