Skill v1.1.0
ClawScan security
Gotchi DAO Voting · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 7:54 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, required tools, and requested BANKR_API_KEY match its stated purpose (voting via Bankr signatures to Snapshot); it is coherent, but you should verify that you trust Bankr and understand the API key resolution behavior before use.
- Guidance: This skill appears to do what it says: it queries Snapshot and uses the Bankr signing API to sign and submit votes. Before installing or running it:
  1. Verify that you trust Bankr (https://api.bankr.bot): the service receives the typed vote payload, and your signing API key can authorize votes, so compromise of that key could let someone sign votes for your wallet.
  2. Use the --dry-run flag to inspect the typed data without sending it.
  3. Note that the script will try to read BANKR_API_KEY from the systemd user environment and from ~/.openclaw/... config files; remove or secure any other keys you do not want probed.
  4. Confirm that the wallet and endpoints in config.json are correct.
  5. If you prefer not to expose an API key, do not provide BANKR_API_KEY and use an alternative workflow that keeps your private key local.
Review Dimensions
- Purpose & Capability (ok): Name and description (vote on Snapshot using Bankr signing) align with the required binaries (curl, jq), the required env var (BANKR_API_KEY), and the scripts, which query Snapshot and call Bankr. No unrelated services or credentials are requested.
- Instruction Scope (note): Runtime instructions only touch the Snapshot APIs, the Bankr signing API, and the local config.json. However, the scripts also search for BANKR_API_KEY in the systemd user environment and in other skill config paths (~/.openclaw/...), which expands their read scope beyond the local skill directory.
- Install Mechanism (ok): This is an instruction-only skill with no install step; the scripts run locally and require curl and jq to be present already. Nothing is downloaded or written by an install step.
- Credentials (note): Only BANKR_API_KEY is required, which is appropriate for a remote signing service. Minor inconsistency: the registry metadata lists no primary credential, while the scripts require BANKR_API_KEY. The scripts also attempt to read the systemd user environment and other skill config files to resolve the key; this is reasonable for convenience, but it means the skill probes other local config locations for the key.
- Persistence & Privilege (ok): The skill is not forced-always, does not modify other skills or system settings, and does not request elevated or system-wide privileges.
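The guidance steps (trust the signing endpoint, check what the script reads, confirm the endpoints) and the Instruction Scope and Credentials notes above amount to one pre-install scope check: which hosts the scripts contact, which variables they dereference but never set, and which locations outside the skill directory they probe. The shell script below is an added example of that check written for this page; it is not ClawHub's scanner code and not the skill's own scripts. The vote.sh it audits is a constructed stand-in that reproduces the behaviour the report describes (BANKR_API_KEY resolved from the environment, then from `systemctl --user show-environment`, then from a ~/.openclaw config file; curl calls to Snapshot and Bankr). The hub.snapshot.org host, the /sign path, the config.json keys and the file name are assumptions, not taken from the skill.

```shell
#!/bin/sh
# Added example (not ClawHub's scanner and not the skill's code): a pre-install
# scope audit for an instruction-only skill. It reports the hosts a script curls,
# the variables it reads without assigning, and the reads it performs outside the
# skill directory, and fails if a host is not on the expected list.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Constructed stand-in for a skill script; hosts, paths and keys are assumptions.
cat > "$WORK/vote.sh" <<'EOF'
#!/bin/sh
KEY="${BANKR_API_KEY:-}"
[ -z "$KEY" ] && KEY="$(systemctl --user show-environment | sed -n 's/^BANKR_API_KEY=//p')"
[ -z "$KEY" ] && KEY="$(jq -r '.env.BANKR_API_KEY // empty' "$HOME/.openclaw/skills/other/config.json")"
SPACE="$(jq -r .space ./config.json)"
curl -s https://hub.snapshot.org/graphql -d '{"query":"{ proposals { id } }"}'
[ "${1:-}" = --dry-run ] && exit 0
curl -s -H "Authorization: Bearer $KEY" https://api.bankr.bot/sign -d @typed.json
EOF

# hosts_contacted DIR: unique hostnames that appear in curl command lines.
hosts_contacted() {
  grep -rhoE 'curl[^|;&]*https?://[^/"'"'"' ]+' "$1" \
    | sed -E 's#.*https?://##' | sort -u
}

# env_vars_read DIR: upper-case variables dereferenced ($NAME or ${NAME) that the
# scripts never assign themselves, i.e. values taken from the caller's environment.
env_vars_read() {
  assigned="$(mktemp)"
  grep -rhoE '^[[:space:]]*[A-Z][A-Z0-9_]+=' "$1" \
    | sed -E 's/^[[:space:]]*//; s/=$//' | sort -u > "$assigned"
  grep -rhoE '\$\{?[A-Z][A-Z0-9_]+' "$1" \
    | sed -E 's/^\$\{?//' | sort -u | grep -vxF -f "$assigned" || true
  rm -f "$assigned"
}

# external_reads DIR: lines that read config or environment outside the skill dir
# (the systemd user environment and ~/.openclaw, as the report describes).
external_reads() {
  grep -rnE 'systemctl --user show-environment|\$HOME/\.openclaw|~/\.openclaw' "$1" || true
}

# audit DIR EXPECTED_HOST...: print the report; return 1 if an unexpected host appears.
audit() {
  dir="$1"; shift
  rc=0
  echo "== hosts contacted"
  for h in $(hosts_contacted "$dir"); do
    case " $* " in
      *" $h "*) echo "  ok         $h" ;;
      *)        echo "  UNEXPECTED $h"; rc=1 ;;
    esac
  done
  echo "== variables read from the environment"
  env_vars_read "$dir" | sed 's/^/  /'
  echo "== reads outside the skill directory"
  external_reads "$dir" | sed 's/^/  /'
  return $rc
}

# Gate: with set -e, an unexpected host aborts the script with a non-zero status.
audit "$WORK" hub.snapshot.org api.bankr.bot
```

Run it against the real skill by replacing the constructed vote.sh with the skill's directory and the expected host list with the endpoints you have decided to trust; anything listed under "reads outside the skill directory" is the probing the Credentials note warns about and should be reviewed before the key is provided.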
