AAP Agent Bounty
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is transparent about verifying a bounty claim and optionally sending a user-confirmed zero-ETH Base transaction, with sensitive actions disclosed and bounded.
Before installing, understand that this skill can help verify a claim and, if you explicitly confirm, submit a public zero-ETH Base transaction using your signer. Review the exact transaction command, target wallet, payload, gas cost, GitHub credential scope, and active signer before approving any broadcast.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user confirms, the agent may submit a public Base transaction that can cost gas even though it sends 0 ETH.
The skill may use tooling to broadcast an on-chain transaction, which is impactful and normally irreversible, but the artifacts explicitly gate it on user confirmation and require showing the command first.
Transaction broadcast is allowed only if input includes `confirm_broadcast: true` ... Before any submission, present the exact transaction command.
Only set `confirm_broadcast` to `true` after reviewing the exact command, target address, value, payload, gas cost, and signer account.
The skill may act through your GitHub identity and wallet signer context for proof verification and claim submission.
The skill relies on existing GitHub authentication and wallet signer context. This is sensitive authority, but it is disclosed and purpose-aligned, and the artifacts state that raw private keys or seed phrases should not be requested.
`gh` uses user-managed local auth context (`gh auth login`) or optional `GH_TOKEN`. `cast` uses user-managed signer context.
Use least-privilege GitHub credentials, verify the active wallet/signer before broadcasting, and do not provide raw private keys, seed phrases, or mnemonics.
