
VirusTotal security

ClankerKit · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict: Suspicious (Apr 30, 2026, 4:21 AM)

Hash: 89eef0daf89221ab9c4027f1e761ac140c130eed4a364f89b11475cefe766937
Source: palm
Verdict: suspicious

Code Insight
Package: clankerkit (mcp)
Version: 0.2.0
Description: ClankerKit — Autonomous wallet operations for AI agents on Monad — swap, stake, deploy, trade memecoins, and manage spending policies

The package `clankerkit` provides a comprehensive set of tools for autonomous wallet operations on Monad and other blockchains, primarily for AI agents. It leverages a smart contract wallet (`AgentWallet`) with a `PolicyEngine` for spending limits and access control. However, the package is classified as SUSPICIOUS due to critical security design choices and potentially misleading security claims.

**Key Concerns:**

1. **Direct EOA Control and Policy Bypass:** The `AGENT_PRIVATE_KEY` is loaded directly from environment variables and used for certain high-value operations, specifically cross-chain swaps (`kyber_swap`, `zerox_swap`) and contract deployments (`deploy_policy_engine`, `deploy_agent_wallet`). These operations are executed directly by the Agent's EOA (Externally Owned Account) and *bypass* the spending limits and approval policies enforced by the `AgentWallet` smart contract. This directly contradicts the security claims in `README.md` and `SKILL.md` that state "Agent can only spend within policy limits" and "Transactions above threshold require owner approval."

2. **Powerful `execute_transaction` Tool:** The `execute_transaction` tool allows the agent to execute arbitrary contract calls with specified target, value, and calldata. While intended for flexibility, this is a highly powerful primitive that, if misused or if the underlying `AgentWallet` contract has vulnerabilities, could lead to unauthorized fund movement or contract interaction.

3. **Misleading Security Assurances:** The discrepancy between the advertised security features (policy limits, owner approval) and the actual implementation, where certain operations bypass these controls via direct EOA usage, could lead users to a false sense of security regarding the protection of their funds.
While the code does not contain explicit malicious logic (e.g., private key exfiltration), the direct exposure and use of the `AGENT_PRIVATE_KEY` for operations outside the smart contract's policy scope significantly increases the attack surface and the risk of unauthorized fund loss if the AI agent or its execution environment is compromised.