Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Decentralized Agent Cloud
v1.0.0
Decentralized compute and data marketplace for AI agents with spot pricing
by Justin Liu (@zhenstaff)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The stated purpose (decentralized compute marketplace) matches the SKILL.md content: it expects a Node.js/npm client package and shows usage requiring an apiKey and agentId. However the registry metadata above claimed no required tools/env vars while SKILL.md lists node>=18, npm and an npm package dependency — this inconsistency should be reconciled.
Instruction Scope
The SKILL.md instructs installing and using the openclaw-decentralized-agent-cloud npm package and shows examples that send/receive data from external endpoints (e.g., storage.agent-cloud.io, s3://). The examples use an apiKey but no credential is declared in the metadata. There are no explicit instructions to read local sensitive files, but installing and running a third-party npm package gives it the ability to perform network I/O and access any runtime-provided data. The instructions are broad enough to allow exfiltration if the package or marketplace endpoint is malicious.
Install Mechanism
This is an instruction-only skill (no install spec in registry), but the SKILL.md expects npm install openclaw-decentralized-agent-cloud (package on npm with a linked GitHub repo). Installing arbitrary npm packages at runtime is a moderate risk (package code executes locally). The SKILL.md does include a verified_repo URL which is good, but the platform metadata lacks an automated install artifact or checksum to validate the package.
Credentials
The examples require an apiKey and reference resources like s3:// buckets and possibly cloud models (gpt-4). Yet the registry entry declares no required environment variables or primary credential. That omission is problematic: the client will need credentials (API keys, cloud storage credentials, billing) but those are not declared or scoped here. Requiring network-accessible credentials without declaring them is disproportionate and increases risk of accidental credential exposure or misuse.
Persistence & Privilege
The skill does not request always:true, does not declare system config paths, and is instruction-only. Autonomous invocation is allowed by default (normal). There's no evidence in the SKILL.md that it intends to modify other skills or system-wide settings.
What to consider before installing
Before installing or invoking this skill: (1) verify the npm package source on the linked GitHub repo and review its code (especially network calls, telemetry, and file/system access); (2) confirm how the apiKey should be provided and store it securely (prefer platform-managed secret injection rather than pasting keys into code); (3) prefer running the package in a sandboxed/ephemeral environment first (container or VM) to observe behavior; (4) ask the publisher to update registry metadata to declare required tools and explicit credential names (e.g., AGENT_CLOUD_API_KEY) and to provide a cryptographic package checksum or pinned version; (5) be cautious about connecting real cloud storage or high-privilege credentials until you’ve audited the package. The inconsistencies here (missing declared credentials and missing install spec) are the main reasons to treat this skill as suspicious rather than benign.
Like a lobster shell, security has layers — review code before you run it.
