Skill v0.3.0
ClawScan security
Auto Respawn · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 12:29 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and required environment variables are coherent with its stated purpose of creating/managing wallets and anchoring CIDs on the Autonomys Network; nothing obviously unrelated or deceptive is requested or installed.
- Guidance: This skill appears to do what it says: create/manage encrypted wallets and anchor/read CIDs on Auto-EVM. Before installing, review the included setup.sh and the CLI source if you can — setup.sh is claimed to generate a passphrase file and will create files under ~/.openclaw/auto-respawn. Protect the passphrase: prefer using an interactive prompt or a securely-stored passphrase file (with strict filesystem permissions) rather than exporting the passphrase as an environment variable in shared contexts. Use AUTO_RESPAWN_NETWORK=chronos (testnet) when testing. Be aware that the skill can decrypt private keys and sign on-chain transactions — only enable/autoinvoke it for agents you trust, and don't give it real mainnet funds until you've audited behavior. Finally, if you need higher assurance, run npm install and inspect dependencies locally rather than running any included scripts blindly.
Review Dimensions
- Purpose & Capability (ok): The name/description (anchor identity/memory on-chain) matches the code and SKILL.md: wallet creation, EVM/consensus balances, bridging, remarking, and anchoring CIDs. Required env vars (passphrase, passphrase file, network, contract address) and the node/tsx binaries are appropriate and justified by the functionality.
- Instruction Scope (note): SKILL.md instructs the agent/user to run the included CLI (npx tsx auto-respawn.ts) and the setup script. The runtime instructions read/write local wallet files (~/.openclaw/auto-respawn), resolve passphrases via env/file/interactive prompt (explicitly declared), and call on-chain RPC endpoints — all within scope. Note: the README claims setup.sh may auto-generate a passphrase file at ~/.openclaw/auto-respawn/.passphrase; you should inspect setup.sh before running because it will create files and possibly write a passphrase to disk.
- Install Mechanism (note): Install uses local node package (package: ".") and installs tsx from npm — standard for a TypeScript CLI. Dependencies are registry packages (@autonomys/* and ethers). There are no remote arbitrary URL downloads in the install spec, but setup.sh is included and may modify file permissions or generate files; inspect it before executing.
- Credentials (ok): Requested environment variables (AUTO_RESPAWN_PASSPHRASE, AUTO_RESPAWN_PASSPHRASE_FILE, AUTO_RESPAWN_NETWORK, AUTO_RESPAWN_CONTRACT_ADDRESS) are directly used by the code and are necessary for wallet decryption, selecting network, and overriding contract address. These are sensitive (contain a secret passphrase) but proportionate to the skill's function. The code does not request unrelated credentials or cloud keys.
- Persistence & Privilege (ok): The skill does persist data (wallet files and optional passphrase file) under ~/.openclaw/auto-respawn which is expected for a wallet manager. always:false and no modifications to other skills or global agent config are requested. Because the skill can sign transactions, grant it only where you trust the agent to avoid unauthorized on-chain operations.
