Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gated Alpha
v3.0.0
Discover, filter, and purchase structured crypto alpha calls from Gated Alpha. Supports push delivery via webhooks (recommended) or direct polling. Pay-per-c...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The skill describes itself as a marketplace for pay-per-call crypto alpha, which legitimately requires a wallet for payments and network access. However, the registry metadata declares no required credentials or environment variables, and there is no install spec, even though SKILL.md explicitly requires the @x402 and viem packages. The declared requirements do not match the claimed purpose.
Instruction Scope
SKILL.md instructs agents to register webhooks, receive events and, crucially, perform purchases by constructing an account from a private key and signing payment challenges. It also tells webhook endpoints to return 200 immediately and process events asynchronously. The document does not describe how webhook authenticity is verified, does not say where the private key should come from, and contains logic that results in autonomous on-chain payments if the agent follows the instructions as written.
Install Mechanism
There is no install specification, yet the instructions require several npm packages (@x402/* and viem) and say they must already exist in node_modules. The absence of an install step and of versioned package sources is a mismatch that increases operational friction and risk: users may install unknown packages or arbitrary versions to satisfy the instructions.
Credentials
The runtime requires a private key with wallet-signing ability (privateKeyToAccount('0x<your-private-key>')) to make payments, but the skill declares no required environment variables or primary credential. A private key is a high-privilege credential and should be declared and scoped; here it appears only implicitly in the instructions, which is both disproportionate and incomplete.
Persistence & Privilege
The always flag is false, but model invocation is allowed (the default). Combined with instructions that perform automatic purchases on webhook events using a private key, this lets an agent spend funds autonomously. That privilege is significant given the missing credential declarations and the absence of an explicit user-confirmation step.
What to consider before installing
This skill asks your agent to hold and use an on-chain private key and to purchase paid content automatically when webhooks arrive. The packages it references (@x402/* and viem) are required by the instructions but not declared in an install spec. Before installing, consider:
- Do not paste your main/private wallet key into the agent. Use a dedicated hot wallet with minimal funds or a signing flow that never exposes raw private keys (hardware wallet, external signer, or delegated signing service).
- Ask the skill author to explicitly declare required credentials (env vars) and to provide an install spec (package names and pinned versions).
- Require explicit user confirmation before any purchase. The skill currently describes automated buys based on score/filters — this should be opt-in and auditable.
- Add webhook authenticity checks (HMAC or signed payloads, with a timestamp bound into the signature to stop replays) so your endpoint can verify events before acting on them.
- If you must test, fund only a throwaway wallet with a very small balance and set max_price_usdc to a safe low value. Monitor all outgoing RPC calls and signer interactions.
- Prefer using verified packages from known registries and pin versions; review installed code before allowing signing operations.
If the author cannot or will not provide clear credential handling, install instructions and explicit confirmation hooks for purchases, avoid enabling autonomous use of this skill.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97a1k1mdx44yzqydtbk8sqs5x81wfr6
