Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Commercial Contract
v1.0.0
Enables AI agents to autonomously negotiate, sign, execute, and enforce legally binding commercial contracts with escrow, milestone payments, and dispute res...
by Justin Liu (@zhenstaff)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims escrow, multi-currency payments, fund custody, and legal enforceability, but the package in the registry is instruction-only (no code files, no install spec) and the metadata lists no payment-provider credentials, blockchain connectors, or gateway integrations. The README references an npm package and GitHub repo, yet the provided bundle lacks the code those claims imply. Handling money and escrow ordinarily requires payment gateway keys, bank/fiat or crypto integrations, and custodial account configuration — none of which are declared.
Instruction Scope
SKILL.md provides SDK and CLI usage examples (npm install, import AgentCommercialContract, CLI commands) and shows calls that pass credentials, create escrow accounts, and require signatures, but it does not specify which environment variables or endpoints an agent should use. It tells agents to 'use environment variables for sensitive data' and references credential parameters (e.g., this.credentials) without declaring them. The instructions are therefore vague and grant the agent broad discretion to install and use external packages or credentials that are not defined anywhere in the bundle.
Install Mechanism
There is no install spec in the registry bundle (instruction-only), which reduces the immediate risk of the skill itself writing code to disk. However, the docs instruct users/agents to run `npm install agent-commercial-contract` or clone a GitHub repo. That means installing the real package (if it exists) from external registries — a potentially significant risk that the current bundle does not make explicit (no integrity check, no pinned versions, no provenance).
Credentials
Despite describing escrow, payment releases, and API-key based authentication, the skill declares no required environment variables or primary credential. Real-world operation would require payment gateway API keys, bank/escrow credentials, blockchain wallets/private keys, or at least a configured payment provider — their absence is disproportionate and unexplained. The examples reference passing credentials in calls, further highlighting the mismatch.
Persistence & Privilege
`always` is false, and there is no code in the bundle that would persist or modify system-wide configuration. The skill is user-invocable and can be invoked autonomously by the agent (the default), which is normal; there is no evidence that it requests elevated or persistent privileges.
What to consider before installing
This skill's docs describe handling money, escrow, and legally binding contracts, but the package you have is only documentation: no code, no install spec, and no declared credentials. Before installing or letting an agent use this:
(1) Verify the package provenance: confirm the npm package name and GitHub repository actually exist and match the author, and inspect the code and release history.
(2) Ask the maintainer to provide a clear list of required environment variables (payment gateway keys, wallet keys, webhook endpoints) and exact install instructions.
(3) Review how escrow is implemented (custodial third party vs. self-custody, KYC/compliance implications).
(4) Only grant payment or wallet credentials to a reviewed, pinned release, and use least-privilege/test credentials in staging.
(5) Require an auditable policy for automatic fund release and dispute handling, and do not enable autonomous agent invocation for real-money flows until code and operational controls are reviewed.
If the publisher cannot produce source code and concrete integration details, treat the package as untrusted.
