ClawHub

Agent Security Auditor

v1.0.0

Audits ERC-8004 agents by analyzing metadata, endpoints, payment configs, and reputation to identify security risks and generate detailed reports.

0· 530·2 current·2 all-time
by@aviclaw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (ERC-8004 agent auditor) matches the included files and runtime behavior: a Node.js audit script that queries an on‑chain identity registry, fetches off‑chain registration files, inspects endpoints, and reports findings. The declared dependency (ethers) is appropriate for Ethereum RPC interaction.
Instruction Scope
SKILL.md instructs the agent/user to run scripts/audit.js which performs RPC queries and fetches off‑chain metadata/endpoints. This is within the auditor's purpose, but the script will fetch arbitrary URIs taken from agent registrations (and likely probe service endpoints). That can cause outbound requests to attacker‑controlled or internal/private addresses (SSRF/network scanning risks). The instructions do not explicitly warn about running in a sandbox or the privacy implications of RPC/query traffic.
Install Mechanism
There is no install spec (instruction-only behavior), minimizing on‑disk installation risk. The package.json lists a single dependency (ethers) which is reasonable and traceable on npm. No remote archive downloads or executable installers are used.
Credentials
The skill requests no environment variables, credentials, or config paths. The only implicit external resource is a blockchain RPC endpoint (default: https://eth.llamarpc.com) and network access for fetch calls — these are expected for the stated functionality, but the default RPC is a third‑party service that may log queries and could affect privacy.
Persistence & Privilege
always is false; the skill does not request persistent privileges or modify other skills. It runs as an on‑demand script and does not require enabling itself globally.
Assessment
This skill appears to be what it says (an ERC-8004 agent auditor), but before running it: 1) Review the full scripts/audit.js file yourself (or in a sandbox) to confirm no unexpected behavior. 2) Run the script in an isolated environment (container, VM) if you are concerned about it making network calls to internal/private addresses — the auditor will fetch arbitrary agent URIs and may probe endpoints. 3) Override the default RPC with your preferred provider (--rpc) if you care about privacy or logging (do not supply private keys). 4) Be cautious saving or publishing generated reports if they contain sensitive internal endpoints or metadata. 5) If you need higher assurance, run the tool with network egress controlled and inspect all outgoing requests (or instrument it to log intended requests before they are made).

Like a lobster shell, security has layers — review code before you run it.

auditvk971rq68x18xhy34nrqxmfr771818bneerc-8004vk971rq68x18xhy34nrqxmfr771818bnelatestvk971rq68x18xhy34nrqxmfr771818bnesecurityvk971rq68x18xhy34nrqxmfr771818bne

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments