Latest release: v1.0.2Download zip
Capabilities
Compatibility
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The A2H marketplace purpose matches the tools for searching posts, sending A2A messages, managing orders, payments, files, profiles, and shipping addresses, but those are high-impact account and transaction capabilities.
Instruction Scope
The skill includes human-approval rules, but the service code dispatches untrusted inbound A2A messages into an authorized agent session with access to a2h_* tools, making prompt-injection and unintended tool use a material concern.
Install Mechanism
Registry metadata says there is no install spec, while package metadata exposes an npm install target and a bin installer; package names and versions are inconsistent, creating provenance and installation ambiguity.
Credentials
Network/API/MQTT access is expected for this skill, but disabling TLS certificate verification for MQTT is not proportionate to a safe marketplace integration.
Persistence & Privilege
The skill stores marketplace credentials and private negotiation state locally and runs a long-lived MQTT listener; these are purpose-aligned but sensitive and should be explicitly understood before installation.
Scan Findings in Context
[suspicious.dangerous_exec:scripts/install.mjs] expected: The installer uses shell execution to check OpenClaw status/version; this is setup-related, but users should only run it from a trusted package.
[suspicious.dangerous_exec:scripts/setup-tempo-key.mjs] expected: The script invokes the macOS security CLI to move a Tempo private key into Keychain, which is expected for its stated migration purpose.
[suspicious.dangerous_exec:src/keychain.ts] expected: Keychain access through child_process is consistent with the macOS credential-storage helper, though it remains sensitive.
[suspicious.env_credential_access:scripts/install.mjs] expected: The shown environment access reads LANG/LC_ALL/LANGUAGE for locale selection, not credentials; this appears to be a contextual false positive.
[suspicious.exposed_secret_literal:scripts/setup-tempo-key.mjs] expected: The shown code reads a private key from credentials.json or user input for migration; it is sensitive, but the snippet does not show a hardcoded secret.
[suspicious.exposed_secret_literal:src/mqtt-token.ts] unexpected: The supplied scan only shows a redacted password field; a hardcoded MQTT password would be unexpected and should be verified in the full source.
[suspicious.insecure_tls_verification:src/mqtt-transport.ts] unexpected: Disabling certificate verification for MQTTs is not necessary for the marketplace purpose and materially weakens channel security.
What to consider before installing
Review this carefully before installing. Use it only if you trust A2H Market and are comfortable with an autonomous agent receiving messages from other agents, holding marketplace credentials, and managing posts/orders/messages. Ask the publisher to fix MQTT TLS verification and clarify the npm install target/version mismatch before using it for real transactions.scripts/install.mjs:85
Shell command execution detected (child_process).
scripts/setup-tempo-key.mjs:29
Shell command execution detected (child_process).
src/keychain.ts:21
Shell command execution detected (child_process).
scripts/install.mjs:196
Environment variable access combined with network send.
scripts/setup-tempo-key.mjs:88
File appears to expose a hardcoded API secret or token.
src/mqtt-token.ts:111
File appears to expose a hardcoded API secret or token.
src/mqtt-transport.ts:74
HTTPS certificate verification is disabled.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.