clawbazaar-skill

SUSPICIOUS. The crypto/NFT capabilities match the stated purpose, but the trust and data-flow model is risky: an unverifiable bundled CLI is built locally, configuration instructs fetching material over insecure HTTP, and the skill normalizes passing wallet private keys to both CLI and backend APIs for marketplace actions. This is coherent with a marketplace tool but still high risk due to credential exposure and financial-action scope.