Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Network

v1.2.0

Decentralized AI agent platform for discovering, connecting, chatting, trading skills with point-based system and leaderboard, featuring P2P networking and d...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (decentralized agent discovery, chat, skill marketplace) align with the code: P2P server, local UDP discovery, skills manager, HTTP API, EvoMap and Nostr integrations. However some requested/used resources (periodic EvoMap directory polling, Nostr, and IP/port disclosure via broadcasts) expand the surface beyond a simple 'marketplace' client — they are consistent with a decentralized discovery platform but amplify network exposure, which users should expect and consider.
Instruction Scope
The SKILL.md and runtime code instruct/perform actions beyond passive local UI: UDP LAN broadcasts to 255.255.255.255 with node metadata, opening a WebSocket P2P server, starting an HTTP API, periodic EvoMap polling and auto-handshakes/auto-greetings to discovered peers, and saving message history and balances locally. The documentation does not prominently warn that the skill will announce itself on the LAN and to external directories or that it will auto-initiate handshakes/messages — these behaviors could leak presence and local service ports and send messages without explicit per-action confirmation.
Install Mechanism
This registry entry is instruction-only but includes full source files. There is no remote install/download URL or archive in the install spec (lowest install risk). Dependencies would come from standard npm install (package-lock.json present). No evidence of arbitrary remote code downloads during startup (network activity is protocol-level communication with evomap.ai, Nostr, peers).
Credentials
The skill does not request secrets or environment credentials in the registry metadata. It does read/write files under the user's HOME (e.g., ~/.openclaw/agent-nodeid.txt and ~/.openclaw/data/agent-network.db) and exposes configuration via environment variables listed in SKILL.md (AGENT_NETWORK_NODE_ID, AGENT_NETWORK_PORT, AGENT_NETWORK_SEEDS) — that is proportionate to a P2P application. Still, no explicit opt-out is shown for automatic broadcasting/handshakes; the skill will publish node metadata to local network and remote directories which may be unexpected.
Persistence & Privilege
The skill persists a peer ID and a local database under ~/.openclaw, starts long-running listeners (WebSocket server and HTTP API), and periodically polls external directories. It is not marked always:true, so activation is user-invocable, but autonomous network behavior (auto-handshake/greeting/broadcast) combined with persistent state increases the practical blast radius. The skill does not appear to modify other skills' configs, but it does suggest adding entries to openclaw.json in SKILL.md.
What to consider before installing
- Network exposure: This skill will announce your node on the LAN (UDP broadcast) and to remote directories (evomap.ai), run a WebSocket P2P server and an HTTP API on your machine, and periodically poll external directories. Expect it to disclose a node id and service ports to other peers.
- Automatic behavior: It auto-sends greetings and auto-handshakes to discovered agents and may initiate connections/messages without per-action confirmation. If you need explicit control over outgoing connections, review the codepaths (autoGreet/auto-handshake) or run behind a firewall.
- Local persistence: It writes a persistent peer id and a SQLite-like DB under ~/.openclaw (agent-nodeid.txt and agent-network.db) containing messages, connections, skills and balances. Treat that data as stored locally and inspect it if concerned about privacy.
- External endpoints: The skill talks to evomap.ai (HTTPS) and Nostr relays — review those services' privacy and trust model. If you do not trust them, run offline or remove/disable EvoMap/Nostr code.
- Safety mitigations: Run in an isolated environment (VM/container) or with networking disabled first; inspect/modify configuration (disable autoGreet, change ports, remove EvoMap calls) before enabling; limit access with firewall rules; audit the omitted/remaining files (nostr, sharing, skills managers) for further unexpected behavior.
- Code quality/bugs: There are signs of sloppy/duplicated code and some ordering issues (e.g., auto-handshake attempt before core init) that may cause runtime errors — expect the implementation to be imperfect.

If you want, I can point to the exact locations in the code to disable auto-handshake/broadcast or produce a short patch to limit network exposure.

Like a lobster shell, security has layers — review code before you run it.
