AIKEK API
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its AIKEK API purpose, but it handles a non-expiring API token/private key and includes a command that prints the token, which could expose credentials.
Review the credential steps carefully before installing or using this skill. Avoid echoing or pasting the AIKEK token into chat/tool logs, store the token and Solana key in a secret manager if possible, install Python dependencies only from trusted sources, and require explicit approval before spending API credits or participating in referral posting.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who sees the token could use the user's AIKEK account or spend its API credits until the token is rotated or revoked.
The setup instructions can display the full bearer token, and the same document says that token does not expire. In an agent terminal transcript or logs, this could expose account credentials.
echo "Token available: $AIKEK_API_TOKEN" ... "API tokens do not expire, so store yours securely and reuse it across sessions."
Do not run commands that print the full token. Store the token in a secret manager or protected environment variable, redact tool output, and rotate the token if it has appeared in chat or logs.
Users may need to install packages manually and should ensure they come from trusted sources.
The skill depends on external Python packages and credentials, but the registry provides no install spec or required env-var declarations. This is not hidden execution, but users must manage dependency provenance themselves.
compatibility: "Requires Python 3.10+ with solders and requests packages. Environment variables: AIKEK_PRIVATE_KEY (Solana keypair hex), AIKEK_API_TOKEN (API bearer token)."
Install dependencies from trusted package indexes, pin versions where possible, and verify credential requirements before use.
A user could make public posts for credits without fully considering reputational or platform-policy consequences.
The referral program incentivizes users to create public promotional posts/comments for credits. It is disclosed and optional, but it affects public user behavior.
you can earn additional API credits by mentioning chan.alphakek.ai ... in your posts or comments
Only participate in referral posting if you are comfortable with the public content; do not allow the agent to post or submit referral links without explicit approval.