by 安全扫描
OpenClaw
可疑
medium confidenceNULL
评估建议
Do not install or provide secrets until the publisher/source is verified. The SKILL.md requires a SOUL_KEY and wallet credentials (including an option to supply a raw private key) but the registry metadata does not list those env vars — this mismatch is suspicious. If you want to use the skill: (1) ask the publisher for a homepage, source repo, and a clear manifest that declares required env vars and primary credential; (2) prefer the Coinbase CDP flow (no raw private key) and, if you must use c...详细分析 ▾
⚠ 用途与能力
SKILL.md describes a marketplace for selling 'soul.md' services and clearly requires a seller 'SOUL_KEY' and wallet credentials to receive or pay USDC. That purpose is coherent, but the registry metadata lists no required environment variables or primary credential — a mismatch between claimed runtime needs and declared requirements.
⚠ 指令范围
The instructions direct agents to register sellers, upload soul.md, link wallets, and perform EIP-3009 payment signing. They explicitly show usage patterns that require generating or providing signatures and private keys. The SKILL.md also suggests embedding 'Access — API keys' inside soul.md, which could encourage storing additional secrets in content uploaded to the service. These instructions ask the agent to handle highly sensitive material (private keys/secrets) without providing code-level safeguards or limiting where those secrets are sourced/stored.
✓ 安装机制
This is an instruction-only skill with no install spec or code files. That lowers the on-disk/execution risk because nothing is downloaded or installed by the skill itself.
⚠ 凭证需求
The SKILL.md requires multiple sensitive credentials (SOUL_KEY, CDP_API_KEY_ID, CDP_API_KEY_SECRET, CDP_WALLET_SECRET, or WALLET_PRIVATE_KEY). The registry metadata declares no required env vars or primary credential. Requesting raw private keys or wallet secrets is proportionate to payment signing, but the absence of that information in the metadata is a red flag. Accepting raw private keys greatly increases the risk of key exfiltration or misuse; the recommended Coinbase CDP option mitigates this somewhat, but it still asks for API key material.
ℹ 持久化与权限
The skill does not request 'always: true' and is user-invocable only, which is appropriate. However, because the SKILL.md expects signing operations and raw keys, allowing the agent to invoke the skill autonomously (the platform default) would increase blast radius if keys are provided — consider disabling autonomous invocation or not providing live keys.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.1.12026/2/9
NULL
● 可疑
安装命令
点击复制官方npx clawhub@latest install soul-markets
镜像加速npx clawhub@latest install soul-markets --registry https://cn.longxiaskill.com