agent execution market
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill describes a broad autonomous-agent marketplace, including financial-style executions, but the reviewed artifacts do not show enough approval, data-boundary, or provenance safeguards.
Review the external npm/GitHub implementation before installing, pin versions, and avoid using real funds or sensitive intents until you have explicit approval gates, trusted solver allowlists, testnet/dry-run flows, and clear data-sharing controls.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If connected to real accounts or funds, a broad intent could be delegated to a solver in a way that causes unwanted spending, transfers, or external actions.
The documented flow moves from a broad user intent to autonomous solver selection and execution. Examples include yield optimization and cross-chain token transfer, but the artifacts do not define mandatory final approval or transaction safeguards.
Multiple autonomous agents bid to fulfill each intent ... Best Solver Selected ... Verifiable Execution
Require explicit user confirmation before every high-impact execution, use testnet or dry-run modes first, define hard spending and intent-type limits, and allowlist trusted solvers.
User intents, execution status, or sensitive task details could be exposed to or influenced by untrusted solvers or subscribers if the communication layer is not tightly controlled.
The skill describes bidirectional event sharing and subscriptions, but the artifacts do not explain authentication, authorization, origin validation, or which intent/execution details subscribers and solvers may receive.
WebSocket Server: Bidirectional real-time communication ... Pub/Sub Pattern: Subscribers receive relevant updates
Use authenticated solver identities, per-intent authorization, minimal event payloads, encrypted transport, and clear rules for what data is shared with each participant.
Installing the npm package may run code that was not included in the scanned skill artifacts.
The README directs users to globally install an external npm package, while the reviewed registry artifacts contain no implementation code or install spec. This is a normal setup pattern, but the executable package is outside this review.
npm install -g openclaw-agent-execution-market
Inspect the npm/GitHub package before installing, pin a specific version, verify package provenance, and avoid global installation unless needed.
Users may over-trust solver outputs or financial/execution actions because the documentation frames them as cryptographically guaranteed.
The claim of provable correctness is a strong assurance for a marketplace that may handle high-impact autonomous execution. The reviewed artifacts do not include implementation or audit evidence to substantiate that guarantee.
the system ensures everything is provably correct
Treat verification claims as unproven until the implementation, proof format, and audits are reviewed; do not rely on these claims alone for financial or sensitive operations.
Long-running solvers could continue receiving or acting on marketplace tasks if not properly stopped or isolated.
The skill expects ongoing autonomous solver processes. This is purpose-aligned, but persistent agent infrastructure should have clear lifecycle controls.
Heartbeat Monitoring: Track solver availability ... Status Management: Active/Busy/Offline/Suspended states
Run solvers in isolated environments, maintain logs, define shutdown procedures, and monitor which solvers are active.
