KarmaBank
Warn
Audited by ClawScan on May 10, 2026.
Overview
KarmaBank’s credit-wallet purpose is mostly coherent, but the artifacts expose a Moltbook API key, under-declare high-impact Circle/Moltbook credentials, and rely on an unreviewed local dependency with an install script.
Treat this as a Review item: do not use real Circle funds or credentials until the exposed Moltbook key is removed and rotated, the local install-script dependency is replaced or reviewed, credential requirements are declared, and the loan terms are made consistent. For testing, use sandbox/testnet credentials, avoid --yes unless explicitly intended, and protect the local ledger file.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can read the package could potentially use or abuse that Moltbook credential, and it indicates unsafe secret-handling practices.
The artifact embeds a real-looking Moltbook API key and explicitly labels it as verified and working.
API Key Status ... Verified: ✅ Working ... Key: `moltbook_sk_h0B8I5q_...`
Remove the key, revoke or rotate it immediately, and use placeholders plus environment variables or a secret manager.

Users may not realize before install that real wallet-management credentials can be involved.
The skill asks for high-impact wallet administration credentials, while the registry metadata declares no required env vars, primary credential, or capability tags.
Circle API Key & Entity Secret ... Required for real wallet integration ... Used to create and manage the pool wallet
Declare CIRCLE_API_KEY, CIRCLE_ENTITY_SECRET, and MOLTBOOK_API_KEY in metadata, clearly separate admin versus borrower modes, and document exact wallet permissions and testnet/production boundaries.

Installing the skill could execute unreviewed local dependency code, depending on what exists at that path.
npm install can resolve a local sibling package outside the reviewed artifact set, and that package has an install script.
"@circle/openclaw-wallet-skill": "file:../skills/circle-wallet" ... "../skills/circle-wallet": { ... "hasInstallScript": true
Use a pinned, reviewed registry or git dependency, include the dependency source in the review package, remove install scripts where possible, or instruct users to install with scripts disabled until provenance is verified.

A user or agent could approve borrowing based on misleading or inconsistent financial terms.
The documented repayment terms conflict with the SKILL.md/description claim that loans have 0% interest, creating ambiguity about the actual loan terms.
Repay within 14 days with 5% interest ... Interest Rate: 5% flat ... Late Fee: 10% of outstanding balance
Reconcile all docs and CLI prompts with the actual code, and require the exact interest, fees, due date, and repayment rules to be shown before any borrow action.

If an agent uses these examples carelessly, it may create or repay loans without an additional user confirmation step.
The documented --yes flag bypasses interactive confirmation for borrow and repay actions.
karmabank borrow assistant 100 --yes ... karmabank repay assistant 50 --yes
Avoid --yes unless the user explicitly requested it, and require explicit confirmation for any real Circle transfer or non-demo ledger mutation.

Local tampering or accidental edits could affect future credit limits, balances, or repayment history.
Loan and credit state persists locally and can influence later borrowing decisions; the docs disclose that this demo storage lacks integrity protection.
Current storage: File-backed JSON: `.credit-ledger.json` ... JSON ledger is not tamper-proof
Use this ledger only for demo/testnet use, protect the file, and require a tamper-resistant database or signed transaction log before real funds are involved.
