Signet

Interact with Signet onchain advertising on Hunt Town. Use when the user wants to check spotlight ad prices, list current ads/signatures, or post a URL to the Signet spotlight. Supports x402 payment protocol for programmatic ad placement by AI agents.

This skill appears to do what it says (estimate/list/post Signet spotlight ads) but has a few important caveats you should consider before installing or invoking it: - Private key handling: Posting requires signing with a wallet private key (PRIVATE_KEY or --private-key). Never store your main wallet private key in a skill environment. Use a dedicated, funded test wallet or hardware wallet / offline signing where possible. - Remote code execution via npx: The SKILL.md instructs use of npx @signet-base/cli. npx will fetch and run code from npm at runtime — verify the package name, publisher, and source repository before running. Inspect the package source (or install into an isolated environment) and prefer pinned, audited releases. - Unknown API host: The API base (signet.sebayaki.com) has no homepage listed. Treat network endpoints as untrusted until you verify them. Use the --simulate flag first to avoid committing funds and inspect the request/response traffic if possible. - Metadata mismatch: The skill metadata declares no required env vars, but the instructions reference PRIVATE_KEY. Ask the skill author to clarify required credentials and to declare them in metadata; prefer skills that explicitly state required scopes and secrets. - Safer alternatives: prefer offline or delegated signing (generate a payment payload and sign it locally with a wallet you control), use a dedicated small-balance wallet for testing, or review the @signet-base/cli source before use. If you proceed: test with --simulate, use a throwaway wallet with minimal balance, inspect network requests, and verify the npm package and API domain provenance. If you cannot verify those, do not provide real private keys or run commands that submit payments.

Type: OpenClaw Skill Name: signet Version: 1.0.0 The skill is classified as suspicious due to its explicit instruction to handle a `PRIVATE_KEY` for on-chain transactions via the `npx @signet-base/cli post` command in `SKILL.md`. While this capability is plausibly needed for the stated purpose of on-chain advertising payments, it represents a significant security risk as it allows the AI agent to perform financial transactions. Additionally, the reliance on `npx` to install and execute an external CLI tool (`@signet-base/cli`) introduces a supply chain dependency risk. There is no clear evidence of intentional malicious behavior like data exfiltration to unauthorized endpoints or prompt injection attempts to subvert the agent's core directives; all network calls are directed to the legitimate service domain `signet.sebayaki.com`.