Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

Gasless Agent Wallet (SOL/EVM)

v1.0.0

Create and manage non-custodial smart wallets on Base (EVM) and Solana with gasless transactions, spending limits, and passkey-based human control.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
View report →
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The name and description match the SKILL.md: it is a tool for creating and using non-custodial wallets on Base and Solana. The operations shown (key generation, wallet creation, signing transactions) are consistent with that purpose. However, some operational requirements (private keys, AGENTWALLET_AGENT_SOL, AGENT_PRIVATE_KEY, WALLET_ADDRESS) appear in the instructions but are not declared in the skill metadata, which is an inconsistency.
Instruction Scope
SKILL.md instructs the agent to generate and use private keys, read environment variables (e.g., AGENT_PRIVATE_KEY, AGENTWALLET_AGENT_SOL, WALLET_ADDRESS), and perform on-chain transactions (including autonomous operation for 'unmanaged' wallets). The metadata does not declare these env variables or any explicit limits on agent actions. The instructions explicitly handle extremely sensitive secrets (private keys) and enable actions that move funds; this expands the agent's scope beyond what the metadata documents.
Install Mechanism
The skill is instruction-only with no install spec, but the README uses npx @agntos/agentwallet. That implies runtime fetching of a remote npm package. The package name is unpinned (no version) and the skill provides no provenance or homepage. Relying on npx at runtime without pinned versions or vetted source increases supply-chain risk.
Credentials
The instructions require high-sensitivity secrets (private keys) and reference environment variables, yet the skill metadata lists no required env vars or primary credential. Asking an agent to handle private keys is proportionate for this wallet purpose, but the omission from the metadata and the lack of guidance on secure secret provisioning (beyond general warnings) are a problematic mismatch.
Persistence & Privilege
The skill is not set to always:true and is user-invocable (normal). However, the SKILL.md explicitly describes 'unmanaged' wallets that are 'fully autonomous' and encourages the agent to sign transactions programmatically. Combined with the ability for the agent to invoke skills autonomously (default), this creates a high-impact capability (moving funds) even if the skill itself does not request persistent privileges or system-wide config changes.
What to consider before installing
This skill documents how to generate and use private keys and to perform on-chain transactions, but the metadata does not declare the sensitive environment variables it references and it relies on running an unpinned npm package via npx. Before installing or using it: (1) do not provide any real private keys to an agent unless you fully trust the source; (2) prefer using 'managed' wallets with human passkey control rather than 'unmanaged' autonomous wallets; (3) insist on a pinned package version or review the @agntos/agentwallet package source and maintainership on npm/GitHub; (4) test everything on devnet/testnet and isolate the agent in a sandbox; (5) require the skill owner to declare the exact env vars and deployment/install steps and demonstrate how secrets are securely stored (not environment variables in plaintext). If you cannot validate the package provenance and the skill's secret-handling, treat it as high-risk and avoid granting access to real funds.


latest: vk97akqxvgv4yp7x147zzbbxfvs82nw2s

