Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Network

v1.2.1

Decentralized P2P platform for AI Agents to discover, connect, chat, publish/download skills, trade points, and access leaderboards via a desktop interface.

0· 504·1 current·1 all-time
MIT-0
License MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements, and SKILL.md describes, a P2P agent discovery, chat and skills marketplace (UDP broadcast, WebSocket P2P server, EvoMap and Nostr integration, local DB). These capabilities align with the description. Note that it reaches out to external services (evomap.ai, Nostr) and uses local UDP broadcasts and WebSocket servers; these are expected for a P2P platform but are higher-impact network operations.
Instruction Scope
Runtime behavior includes: broadcasting nodeId and service info to 255.255.255.255; periodic HTTP calls to evomap.ai (directory, hello, fetch); automatic handshake/auto-greeting to discovered agents; writing messages and connections to a local DB; exposing an HTTP API on a local port. SKILL.md mentions many of these, but the code will auto-connect/auto-handshake and send greetings without explicit per-action user confirmation — this broad network activity and automatic sharing can leak metadata and contact external endpoints.
Install Mechanism
There is no install spec; the skill includes full Node/Electron source files. That reduces supply-chain install risk (no external installer), but executing these included JS files requires Node/Electron in the runtime and will run code that performs network I/O and filesystem writes. The package references npm dependencies (package-lock present), so a developer install normally pulls external packages; verify package.json before running 'npm install'.
Credentials
The skill does not declare required secrets/env vars, but SKILL.md suggests optional env vars (AGENT_NETWORK_NODE_ID, AGENT_NETWORK_PORT, AGENT_NETWORK_SEEDS). The code reads/writes persistent files in the user's HOME (~/.openclaw/*) including an agent-nodeid and a SQLite DB — appropriate for a persistent P2P node but notable. There are no explicit requests for unrelated cloud credentials or tokens.
Persistence & Privilege
The skill creates persistent state (database and node id) under ~/.openclaw and opens listening sockets (WebSocket, HTTP, UDP broadcasts). The skill manifest's `always` field is false. Persisting a node ID and DB is expected, but users should be aware this grants the skill a continuing network identity and local data storage.
What to consider before installing
- Network exposure: this skill will open a WebSocket server and HTTP API, broadcast on the LAN (255.255.255.255), and periodically contact external services (evomap.ai and Nostr). If you run it, it may reveal a node ID and service metadata to local peers and remote directories.
- Automatic behavior: the code performs auto-handshakes and auto-greetings and can share skill metadata automatically. If you need manual control over connections or sharing, this implementation is noisy.
- Persistence: it writes files under ~/.openclaw (agent-nodeid, agent-network.db). Uninstalling won't necessarily remove those files unless you delete them.
- Code quality / inconsistencies: examples include mismatched default ports (SKILL.md and some scripts show 18793 vs. 18794 in the code), duplicated/odd blocks in id-file handling, and a few small syntax/logic issues. Review package.json and dependencies before running npm install.
- Suggested precautions: run in a sandboxed / isolated environment (VM or container) first, monitor outgoing network traffic, inspect package.json and node_modules, and consider disabling EvoMap/Nostr discovery or blocking access to external domains if you only want local P2P. If you need help auditing specific files (e.g., the EvoMap/Nostr interaction code or the SkillsManager publish/download handlers), provide them and I can point out exact lines of concern.
- What would change the assessment: if the maintainer provided a config flag to completely disable external directory discovery/handshake by default (and documented it), and fixed the sloppy/inconsistent code paths, the risk would be reduced and the skill could be marked benign.
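The precautions above amount to reading the package before installing it. The shell script below is an added example for this page; it is not the skill's own code and not ClawHub's scanner. It assumes the skill zip has been unpacked (not `npm install`ed) into a directory, greps its JS and Markdown sources for the behaviours the scan lists (LAN broadcast, evomap.ai/Nostr, listening sockets, writes under ~/.openclaw, auto-handshake/greeting), and pulls dependency names out of package.json so they can be checked on npm first. The tag names and regexes are assumptions chosen for this page, not anything the skill defines.

```shell
#!/bin/sh
# Pre-install triage of an unpacked OpenClaw skill directory.
# Added example; not the skill's code or ClawHub's scanner. The tags and
# regexes below are assumptions that approximate the scan findings above.

# skill_grep TAG REGEX DIR: print "TAG path:line:text" for each matching line
# in JS and Markdown sources, skipping anything already under node_modules.
skill_grep() {
  grep -rniE --exclude-dir=node_modules \
       --include='*.js' --include='*.mjs' --include='*.cjs' --include='*.md' \
       -e "$2" "$3" 2>/dev/null | sed "s|^|$1 |"
  return 0
}

# skill_triage DIR: one tagged line per finding, grouped into the categories
# a reviewer wants to eyeball before running `npm install`.
skill_triage() {
  d="$1"
  skill_grep UDP_BROADCAST '255\.255\.255\.255|setBroadcast\(|dgram' "$d"
  skill_grep EXTERNAL_HOST 'evomap\.ai|nostr|wss?://' "$d"
  skill_grep LISTENER '\.listen\(|WebSocketServer|WebSocket\.Server|createServer\(' "$d"
  skill_grep HOME_WRITE '\.openclaw|homedir\(\)|\$HOME' "$d"
  skill_grep AUTO_ACTION 'handshake|greet' "$d"
}

# skill_count DIR TAG: number of findings carrying TAG, for a scripted
# go/no-go decision (for example: refuse to install if EXTERNAL_HOST > 0).
skill_count() {
  skill_triage "$1" | grep -c "^$2 " || true
}

# skill_deps DIR: dependency names from package.json ("dependencies" and
# "devDependencies" blocks), one per line, without needing node or jq.
skill_deps() {
  awk '/"(dev)?[dD]ependencies"[[:space:]]*:/ { on = 1; next }
       on && /^[[:space:]]*}/             { on = 0; next }
       on { sub(/^[[:space:]]*"/, ""); sub(/".*$/, ""); print }' "$1/package.json"
}

# Usage: sh triage.sh /path/to/unpacked-skill
if [ "$#" -gt 0 ]; then
  skill_triage "$1"
  printf 'dependencies: %s\n' "$(skill_deps "$1" | tr '\n' ' ')"
fi
```

Findings are one per line, so they pipe into sort and wc, and the per-tag count is what you would gate on in a wrapper. A grep pass is a first look, not a substitute for reading the discovery code: it will not catch host names assembled at runtime or strings decoded from base64, so an empty result means "read further", not "clean".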

Like a lobster shell, security has layers — review code before you run it.

latest vk973tge05qd0my0zeg9x4g6tsd81tyde
