KarmaBank

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing this package could pull in unreviewed local wallet code, or fail unpredictably, before the user has any assurance about what code will access wallet credentials.

Why it was flagged

npm install would resolve a wallet skill from a relative path outside the supplied artifact set, so the reviewed artifacts do not establish what wallet code would run or handle credentials.

Skill content
"@circle/openclaw-wallet-skill": "file:../skills/circle-wallet"
Recommendation

Do not run npm install/build for this skill until the full source and wallet dependency are included, reviewed, and pinned to a verifiable package or commit.

What this means

An agent or user could trigger financial-style state changes without enough visible safeguards, especially if real wallet integration is later enabled.

Why it was flagged

The CLI is documented to mutate loan/USDC state and includes a confirmation-bypass flag, but the implementation is absent so transaction limits, approvals, and containment cannot be verified.

Skill content
`credit borrow <moltbookName> <amount> [--yes]` ... `credit repay <moltbookName> <amount> [--yes]`
Recommendation

Require explicit user confirmation for every borrow, repay, or wallet action, verify that it is testnet-only unless intentionally configured otherwise, and review the actual source before use.

What this means

Providing Circle credentials may grant wallet-related authority without a clear reviewed contract for scope, storage, or use.

Why it was flagged

The skill asks users to provide Circle wallet credentials for real-wallet use, while the registry declares no env vars or primary credential and no reviewed implementation bounds credential handling.

Skill content
CIRCLE_API_KEY=your_key
CIRCLE_ENTITY_SECRET=your_secret
Recommendation

Use only sandbox/testnet credentials until the source is reviewed, restrict Circle API permissions as much as possible, and ensure credential requirements are declared in metadata.