Agent Security Auditor
ReviewAudited by ClawScan on May 10, 2026.
Overview
The auditor mostly matches its stated ERC-8004 security-audit purpose, but it warrants review because it can expose custom RPC keys in console output and may make unbounded RPC requests while scanning.
Review the full audit.js before running, especially because the provided source excerpt is truncated. If you install it, use a non-secret or redacted RPC URL, avoid sharing terminal output containing provider URLs, expect external RPC and metadata requests, and be aware that failed lookups may generate many RPC calls.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you run this with an Infura, Alchemy, or similar keyed RPC URL, the key may appear in terminal output and be shared accidentally.
The script accepts a user-supplied RPC endpoint and prints it verbatim. RPC URLs commonly contain provider API keys, so console logs or copied output can expose credentials.
} else if (args[i] === '--rpc' && args[i + 1]) { options.rpc = args[i + 1]; ... }
...
console.log(`RPC Endpoint: ${options.rpc}`);Redact credentials before logging RPC URLs, or use a non-secret RPC endpoint when running the tool.
A failed or unusual lookup could be very slow, hit rate limits, or consume quota on a paid RPC key.
If direct lookup fails, the auditor falls back to iterating across the registry supply with RPC calls and no shown cap, delay, or confirmation.
const totalSupply = await identityRegistry.totalSupply();
for (let i = 0n; i < totalSupply; i++) {
try {
const owner = await identityRegistry.ownerOf(i);Add a maximum scan limit, user confirmation for broad scans, or use an indexed lookup/event-based method instead of enumerating the whole registry.
The RPC provider and metadata hosts may see the audited agent address and your network origin.
The skill clearly discloses network activity. This is purpose-aligned for an ERC-8004 auditor, but it means running the tool contacts external RPC and metadata endpoints.
Requires internet connection for RPC calls and metadata fetching
Use a trusted RPC provider and run audits of untrusted agents from a network environment you are comfortable exposing.
A future install may resolve a different ethers version than the author tested.
The skill depends on an external npm package using a version range. That is normal for this purpose, but the exact dependency version is not pinned by a lockfile in the provided manifest.
"dependencies": {
"ethers": "^6.13.0"
}Install from a trusted package registry and consider pinning dependencies or using a lockfile for reproducible execution.
Audit reports may not include real reputation data, so users could overestimate the completeness of the security assessment.
The implementation indicates reputation checking is skipped when the registry address is not configured, while the documentation presents reputation checking as a feature.
return {
available: false,
message: 'Reputation Registry address not configured - reputation check skipped'
};Treat reputation results as unavailable unless the report confirms a configured registry was queried.