virtuals-protocol-acp Security Report — Trusted | ClawSafe

5 /100

virtuals-protocol-acp

Agent Commerce Protocol (ACP) CLI — wallet, marketplace, token, and seller runtime for AI agents

This is a legitimate Agent Commerce Protocol CLI for the Virtuals Protocol. It provides marketplace job management, agent token launching, and a seller runtime. All observed behavior is declared in SKILL.md and matches the implementation.

Skill Namevirtuals-protocol-acp

Duration57.2s

Enginepi

✓

Safe to install

This skill is safe to use. No security issues detected.

Findings 1 items

Severity	Finding	Location
Low	Dependencies use unpinned caret ranges Supply Chain axios, dotenv, and socket.io-client are specified with ^ ranges rather than exact pinned versions. While no known CVEs are present, this allows unexpected upgrades. `"axios": "^1.13.4"` → Pin to exact versions (e.g., [email protected]) for reproducible builds.	`package.json:1`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	src/lib/config.ts writes config.json; src/commands/sell.ts creates offering.json…
Network	`READ`	`READ`	✓ Aligned	src/lib/client.ts makes HTTPS calls to claw-api.virtuals.io; src/seller/runtime/…
Shell	`WRITE`	`WRITE`	✓ Aligned	src/lib/open.ts uses exec() to open OAuth browser URL (declared in SKILL.md setu…
Environment	`READ`	`READ`	✓ Aligned	src/lib/config.ts loadApiKey() reads LITE_AGENT_API_KEY from process.env for leg…
Skill Invoke	`NONE`	`NONE`	—	No skill invocation capabilities observed
Clipboard	`NONE`	`NONE`	—	No clipboard access observed
Browser	`NONE`	`NONE`	—	No browser automation observed
Database	`NONE`	`NONE`	—	No direct database access observed

11 findings

🔗

Medium External URL 外部 URL

https://app.virtuals.io/acp

README.md:3

🔗

Medium External URL 外部 URL

https://virtuals.io

README.md:3

🔗

Medium External URL 外部 URL

https://app.virtuals.io

SKILL.md:5

🔗

Medium External URL 外部 URL

https://dotenvx.com

package-lock.json:548

💰

Medium Wallet Address 加密货币钱包地址

0x1234567890123456789012345678901234567890

references/agent-wallet.md:23

💰

Medium Wallet Address 加密货币钱包地址

0x833589fcd6edb6e08f4c7c32d4f71b54bda02913

references/agent-wallet.md:73

🔗

Medium External URL 外部 URL

https://api.example.com/market-data

references/seller.md:448

🔗

Medium External URL 外部 URL

https://api.example.com/endpoint

src/commands/sell.ts:658

🔗

Medium External URL 外部 URL

https://app.virtuals.io/prototypes/$

src/commands/token.ts:74

🔗

Medium External URL 外部 URL

https://acpx.virtuals.io

src/lib/auth.ts:16

🔗

Medium External URL 外部 URL

https://claw-api.virtuals.io

src/lib/client.ts:15

File Tree

34 files · 200.3 KB · 6494 lines

TypeScript 23f · 3873L Markdown 6f · 1354L JSON 4f · 1033L Shell 1f · 234L

├─ ▾ 📁 bin

│ └─ 📜 acp.ts TypeScript 460L · 15.3 KB

├─ ▾ 📁 references

│ ├─ 📝 acp-job.md Markdown 303L · 9.3 KB

│ ├─ 🔑 agent-token.md ⚠ Markdown 142L · 3.6 KB

│ ├─ 📝 agent-wallet.md Markdown 114L · 3.4 KB

│ └─ 📝 seller.md Markdown 468L · 17.2 KB

├─ ▾ 📁 src

│ ├─ ▾ 📁 commands

│ │ ├─ 📜 agent.ts TypeScript 262L · 7.6 KB

│ │ ├─ 📜 browse.ts TypeScript 68L · 1.9 KB

│ │ ├─ 📜 job.ts TypeScript 196L · 5.7 KB

│ │ ├─ 📜 profile.ts TypeScript 72L · 2.2 KB

│ │ ├─ 📜 sell.ts TypeScript 743L · 22.2 KB

│ │ ├─ 📜 serve.ts TypeScript 204L · 5.5 KB

│ │ ├─ 📜 setup.ts TypeScript 318L · 10.2 KB

│ │ ├─ 🔑 token.ts ⚠ TypeScript 88L · 2.6 KB

│ │ └─ 📜 wallet.ts TypeScript 87L · 2.8 KB

│ ├─ ▾ 📁 lib

│ │ ├─ 📜 api.ts TypeScript 98L · 2.6 KB

│ │ ├─ 📜 auth.ts TypeScript 264L · 7.2 KB

│ │ ├─ 📜 client.ts TypeScript 31L · 733 B

│ │ ├─ 📜 config.ts TypeScript 204L · 5.5 KB

│ │ ├─ 📜 open.ts TypeScript 25L · 697 B

│ │ ├─ 📜 output.ts TypeScript 104L · 2.9 KB

│ │ └─ 📜 wallet.ts TypeScript 30L · 715 B

│ └─ ▾ 📁 seller

│ └─ ▾ 📁 runtime

│ ├─ 📜 acpSocket.ts TypeScript 85L · 2.3 KB

│ ├─ 📜 offerings.ts TypeScript 78L · 2.2 KB

│ ├─ 📜 offeringTypes.ts TypeScript 52L · 1.9 KB

│ ├─ 📜 seller.ts TypeScript 271L · 7.0 KB

│ ├─ 📜 sellerApi.ts TypeScript 71L · 1.8 KB

│ └─ 📜 types.ts TypeScript 62L · 1.6 KB

├─ 📋 _meta.json JSON 5L · 147 B

├─ 📋 package-lock.json JSON 979L · 30.7 KB

├─ 📋 package.json JSON 29L · 887 B

├─ 📝 README.md Markdown 196L · 7.0 KB

├─ 📝 SKILL.md Markdown 131L · 7.7 KB

├─ 🔧 test-cli.sh Shell 234L · 7.1 KB

└─ 📋 tsconfig.json JSON 20L · 510 B

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`axios`	`^1.13.4`	npm	No	Caret range — consider pinning
`dotenv`	`^16.4.5`	npm	No	Caret range — consider pinning
`socket.io-client`	`^4.8.1`	npm	No	Caret range — consider pinning

Security Positives

✓ SKILL.md accurately documents all commands and capabilities — no doc-to-code mismatch

✓ API keys are stored in config.json and redacted in CLI output (redactApiKey function)

✓ No base64-encoded execution, eval(), or obfuscation observed

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) — filesystem access is scoped to repo root only

✓ No credential harvesting or data exfiltration — only reads LITE_AGENT_API_KEY for its own authentication

✓ OAuth browser flow is standard and declared for user-interactive login

✓ Seller runtime executes user-authored handlers only for registered job offerings on ACP

✓ All network traffic targets declared Virtuals Protocol endpoints (claw-api.virtuals.io, acpx.virtuals.io, app.virtuals.io)

✓ WebSocket socket.io-client is used for legitimate real-time job dispatch from ACP network

✓ process.kill(pid, 'SIGTERM') used only for stopping the seller's own daemon process

Scan Report

Findings 1 items

File Tree

Dependencies 3 items

Security Positives