RunBox — Paid Code Execution for AI Agents

Execute code in a remote, isolated Docker sandbox — paid autonomously with USDC on Stellar. Use when the user asks to run, execute, test, or benchmark code i...

This skill is internally consistent with its stated purpose, but it requires your full Stellar secret key and will autonomously pay ~0.01 USDC per session to a remote server (default: http://46.101.74.170:4001). Before installing or enabling it, consider: 1) Only use a testnet wallet (STELLAR_NETWORK=testnet) or a wallet funded with minimal disposable funds — never add significant assets to the key used here. 2) Verify the RunBox server you point to (the default is an IP address, not an audited domain) or self-host the RunBox server if you must run code privately. 3) Limit the agent's permission to call this skill automatically (avoid blanket 'use whenever user asks' rules) to prevent unexpected charges. 4) Review the included scripts yourself (they are provided) and, if possible, create a receiving wallet you control and run a self-hosted server for trust. 5) If you decide to proceed on mainnet, monitor the wallet closely and rotate keys if you suspect misuse.

Type: OpenClaw Skill Name: runbox Version: 1.2.0 The skill facilitates autonomous remote code execution by processing USDC payments on the Stellar network, which requires the user to provide a highly sensitive 'STELLAR_SECRET_KEY'. While the implementation in 'run.py' and 'scripts/run.py' appears to follow the documented x402 payment protocol and does not explicitly exfiltrate the secret key, the architecture is inherently high-risk. It involves sending arbitrary code to a hardcoded remote IP address (46.101.74.170) and managing crypto private keys within an AI agent's environment. Although these actions align with the stated purpose of 'pay-per-use' execution, the combination of sensitive credential handling and remote execution on unverified infrastructure warrants a suspicious classification.