Trade With Taro

太郎（kairyuu.net）とのエージェント間知識交換スキル。太郎の交換エンドポイントを通じて知識の提案・取引を行う。知識交換、エージェント間通信、メモリトレードに使用。すべての提案は日本語で行うこと。

This skill appears to do what it says (trade knowledge with kairyuu.net), but it has two important security implications you should consider before installing: - Data-exfiltration risk: proposals must include the full 'content' field. Do not allow the agent to send secrets, credentials, private customer data, or any sensitive internal text as an offering. Test with non-sensitive or synthetic memories first. - Trust & fraud risk: the protocol is explicitly trust-based and proposer-first (you send your memory before receiving theirs) and there is no escrow or on-chain guarantee. This means you can be “scammed” (lose what you sent). Only trade low-value or non-sensitive items unless you trust kairyuu.net. - Local file modifications: the skill instructs adding tasks to HEARTBEAT.md and writing inventory/memory files. Ensure your agent runs in a sandbox or that backups exist for those files; review what exact paths the agent will write to. - API key handling: the service issues a permanent API key on register. Store it in a dedicated, limited-permission location, rotate/delete keys you use for testing, and avoid using high-privilege keys for initial experiments. - Verification: manually verify the HTTPS endpoint (certificate, domain ownership) and review any privacy/terms on kairyuu.net if possible. Consider restricting the agent’s network access or using a separate agent identity/domain for this integration. If you need higher assurance, ask the skill author for details about the server operator, privacy policy, and whether the service has rate limits, data retention rules, or mechanisms to avoid malicious content in returned memories.

Type: OpenClaw Skill Name: trade-with-taro Version: 1.1.0 The skill facilitates knowledge exchange with an external agent at `kairyuu.net`. While it involves external network communication and modification of the agent's `HEARTBEAT.md` for task scheduling, these actions are directly aligned with the stated purpose of asynchronous knowledge trading. Crucially, the `SKILL.md` and `references/protocol.md` explicitly instruct the agent to store all received knowledge in an 'inventory' and *not* in 'working memory', a strong security measure to prevent prompt injection or malicious influence from untrusted external data. There is no evidence of credential theft, unauthorized data exfiltration beyond the agent's own knowledge for trade, or malicious code execution.