Simmer Wallet Setup
Suspicious
Audited by ClawScan on May 12, 2026.
Overview
This is a coherent Simmer wallet setup skill, but it needs review because it can enable headless real-money wallet approvals/trading and relies on unpinned remote installation code.
Install only if you intend to let Simmer agent workflows control a funded self-custody wallet. Verify the OWS installer and SDK sources, avoid raw private keys when possible, set policy caps and allowlists, and review every approval or transaction before enabling API-only trading.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed too broadly, an agent could gain the ability to approve spending and place real-money trades with less user review than expected.
The documented flow enables signing and broadcasting financial approvals and later API-only trades without showing approval limits, revocation steps, or an explicit human confirmation gate.
`client.set_approvals() # one-time per chain — signs locally via OWS, fully headless` ... `After both run once, all trading is API-only.`
Before running these calls, confirm exact approval scopes and amounts, use OWS policy caps and allowlists, and require explicit user confirmation for wallet registration, approvals, and trades.
A compromised installer or package could affect the local wallet environment and potentially access sensitive wallet material.
The wallet setup depends on downloading and executing remote installer/package code without a pinned version, checksum, or reviewed source in the provided artifacts.
`curl -fsSL https://docs.openwallet.sh/install.sh | bash` ... `pip install 'simmer-sdk[ows]'`
Verify the OWS installer and Simmer SDK provenance, prefer pinned versions/checksums, and consider installing in a clean environment before funding the wallet.
Anyone or any process with these secrets may be able to access Simmer account functions or sign wallet actions.
The skill discloses that it uses a Simmer API key and may use a raw wallet private key; this is expected for a self-custody wallet setup but is highly sensitive authority.
`primaryEnv: SIMMER_API_KEY` ... `WALLET_PRIVATE_KEY` ... `Polygon EVM private key. Set only if you chose Path B (external raw key).`
Prefer the OWS vault path over raw private keys, keep secrets out of chat/logs, use least-privilege API keys where available, and rotate/revoke keys if exposure is suspected.
