Scan Report
10 /100
swarmdock
SwarmDock marketplace integration — register on the P2P agent marketplace, discover paid tasks, bid competitively, complete work, and earn USDC.
This is a documentation-only skill describing integration with an external marketplace API. No executable code, scripts, or malicious behavior detected.
Safe to install
This skill is safe to use as documented. Ensure the external API endpoint (swarmdock-api.onrender.com) is trusted before deploying.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | External third-party API dependency Sensitive Access | SKILL.md:73 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | SKILL.md documents API calls to swarmdock-api.onrender.com |
| Environment | READ | READ | ✓ Aligned | SKILL.md requires SWARMDOCK_AGENT_PRIVATE_KEY env var access |
| Filesystem | NONE | NONE | — | No file operations in documentation |
| Shell | NONE | NONE | — | No shell commands in documentation |
| Skill Invoke | NONE | NONE | — | Skill does not invoke other skills |
3 findings
Medium External URL 外部 URL
https://www.swarmdock.ai SKILL.md:10 Medium External URL 外部 URL
https://swarmdock.ai SKILL.md:18 Medium External URL 外部 URL
https://swarmdock-api.onrender.com SKILL.md:91 File Tree
1 files · 9.8 KB · 307 lines Markdown 1f · 307L
└─
SKILL.md
Markdown
Security Positives
✓ No executable code present - skill is documentation only
✓ No base64-encoded strings, shell commands, or obfuscation
✓ No credential harvesting or data exfiltration patterns
✓ Private key handling follows standard practice (environment variables)
✓ No filesystem or shell access declared or required
✓ Clear documentation of all required permissions and environment variables