Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Zyfai Yield Automation
v1.0.10
Earn yield on any Ethereum wallet on Base, Arbitrum, and Plasma. Use when a user wants passive DeFi yield on their funds. Deploys a non-custodial determinist...
by Paul (@pauldefi)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The name/description (deploy deterministic subaccount, optimize yield) matches the instructions (uses an SDK, viem, and wallet client options). Suggested dependencies (@zyfai/sdk, viem) and chains are consistent with a DeFi SDK.
Instruction Scope
SKILL.md instructs the agent to call external endpoints (POST https://sdk.zyf.ai/api/sdk-api-keys/create) to create API keys programmatically, to use process.env.PRIVATE_KEY in examples, and to persist/store apiKey values. These are runtime actions that access secrets and an external service, yet the metadata does not declare any required env vars or credentials. The instructions also give the agent discretion to create keys without human oversight (agent-native key creation), which broadens the agent's runtime authority.
Install Mechanism
This is an instruction-only skill (no install spec). It recommends npm installing @zyfai/sdk and viem, which is a normal dependency pattern for Node-based DeFi SDKs, but there is no install manifest or pinned releases provided by the skill itself.
Credentials
Metadata lists no required env vars, yet the SKILL.md demonstrates and encourages use of process.env.PRIVATE_KEY and storing an apiKey returned from the platform. Requesting or instructing handling of private keys and API keys is expected for a wallet SDK, but the mismatch (no declared env requirements) and the guidance to create API keys programmatically increases the risk of accidental secret exposure if an agent performs these steps autonomously.
Persistence & Privilege
The skill is not force-included (always: false) and does not request system-wide privileges. Autonomous invocation is allowed by default (disable-model-invocation: false), which is normal for skills; however, combined with the agent-native key creation instructions this increases the potential blast radius if the skill is invoked without supervision.
What to consider before installing
This skill appears to implement a plausible DeFi SDK but has a few red flags you should consider before installing or enabling it:
1) The runtime instructions tell agents to create API keys programmatically at sdk.zyf.ai and to use private keys from process.env.PRIVATE_KEY, yet the skill metadata declares no required credentials. Verify where keys will be stored and whether you or the agent should perform key creation.
2) Prefer creating the API key manually via a trusted UI and using a KMS or hardware wallet for private key management rather than placing private keys in environment variables.
3) Confirm the sdk.zyf.ai domain and the reputation of the @zyfai/sdk package (source code, npm/GitHub repo) before running npm installs.
4) If you enable autonomous agent invocation, restrict it or require a human approval gate for any step that creates or stores API keys or uses private keys.
5) Test on a non-production wallet or testnet first and verify the claimed session-key withdrawal restrictions and subaccount behavior before depositing real funds.
