Safety Report

Manus

Name: Manus
Rating: 5 (2 reviews)
Author: mvanhorn

Create and manage AI agent tasks via Manus API. Manus 1.5 autonomously browses the web, uses tools, and delivers complete work products. Cost-efficient Manus...

1,638Downloads

0Installs

2Stars

11Versions

API Integration4,971 E-Commerce1,690 Project Management1,537 DevOps & Infrastructure1,045

Security Analysis

high confidence

Clean0.04 risk

The skill's code, instructions, and requested credential (MANUS_API_KEY) are coherent with its stated purpose of interacting with the Manus API; only minor implementation notes exist (e.g., reliance on jq and a config-path suggestion not declared in metadata).

Mar 7, 20264 files1 concern

Purpose & Capabilityok

Name/description claim to create/manage Manus tasks and the skill only requests a single Manus API key and contains curl-based helpers that call https://api.manus.ai/v1 — this is proportionate and expected. One minor inconsistency: the shipped script and SKILL.md rely on utilities like jq but the metadata lists no required binaries.

Instruction Scopeok

SKILL.md instructs only API calls to Manus, polling tasks, and downloading output files — all within the described scope. It also mentions storing the key in an OpenClaw config path (skills.manus.apiKey), which is outside the declared required config paths; this is a documentation note rather than an obvious malicious action.

Install Mechanismnote

No install spec (instruction-only) which is low risk. The included shell helper uses curl and jq; the skill metadata does not declare jq as a required binary, so users should ensure jq is available. No external downloads or obscure install URLs are present.

Credentialsok

Only MANUS_API_KEY (primaryEnv) is required, which matches the API-key-based authentication described. No unrelated secrets, passwords, or multiple credentials are requested.

Persistence & Privilegeok

Skill is not always-enabled and does not request elevated persistent system privileges or modify other skills' configurations. It does suggest storing the key in OpenClaw config, which is a normal convenience but not inherently privileged.

Guidance

This skill appears to do what it claims: talk to the Manus API using MANUS_API_KEY. Before installing: (1) Verify you trust the Manus service and the author (source is listed as unknown though SKILL.md points at a GitHub repo); (2) Provide only a Manus API key with the minimum permissions you can; rotate the key if you later uninstall or suspect misuse; (3) Ensure jq and curl are available on the host (the helper script uses jq but the metadata doesn't declare it); (4) Review the shell script yourself (it performs API calls and downloads files) and confirm you’re comfortable with downloaded files being written to disk and attached/delivered to users; (5) Note the SKILL.md mentions storing the API key in your OpenClaw config (skills.manus.apiKey) — if you choose that, understand your agent config may contain the key alongside other settings. None of the findings indicate malicious intent, but always audit keys and third-party outputs before sharing sensitive data.

Latest Release

v1.3.1

Fix display name (remove Clawdbot prefix)

More by @mvanhorn

Polymarket

20 stars

Search X

13 stars

Remotion Server

3 stars

Parallel

3 stars

Last30days

1 stars

Tesla

0 stars

Published by @mvanhorn on ClawHub