Skill v1.0.6
ClawScan security
MetaMask Smart Accounts Kit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 8:56 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only developer reference for the MetaMask Smart Accounts Kit and its requests and examples align with its stated purpose; it does not request unrelated credentials or install arbitrary artifacts itself.
- Guidance: This is a developer reference for MetaMask Smart Accounts and appears internally consistent, but take these practical precautions before using it:
  - Verify you install the official package and version from the npm registry (check package name, publisher, and ideally a checksum) rather than copying arbitrary code.
  - Never paste or commit real private keys shown in examples; use environment-secured keys, hardware wallets, or ephemeral/test keys on testnets for development.
  - ERC-7715 advanced permissions can grant ongoing authority to move tokens; only request/approve permissions from MetaMask for trusted dapps and prefer tight caveats/restrictions. Test on a testnet first.
  - Only use trusted bundler/paymaster RPC endpoints; those endpoints will see user operations and could act on them — run your own or use well-known providers.
  - Because the registry metadata lacks a homepage/source, confirm the skill's source and the upstream package (MetaMask docs and the @metamask package) before running install commands.

  If you want, I can list specific places in the SKILL.md that you should sanitize or adapt before copying into your project (private-key examples, placeholder RPC URLs, permission requests).
Review Dimensions
- Purpose & Capability (ok): The name/description (MetaMask Smart Accounts Kit, ERC-4337, delegations, ERC-7715) match the SKILL.md contents and the code examples. The package installs and forge commands mentioned (npm install @metamask/smart-accounts-kit, forge install metamask/delegation-framework) are proportional and expected for a dApp developer reference. There are no unrelated binaries or environment variables requested.
- Instruction Scope (note): The instructions stay within dApp development scope (creating smart accounts, delegations, bundler/paymaster setup, requesting advanced permissions). However, examples include raw private-key usage (privateKeyToAccount('0x...')) and calls that request MetaMask ERC-7715 permissions; both are legitimate for dev examples but carry user-risk if copy-pasted into production or used on mainnet. The docs also reference external endpoints (your-bundler-rpc.com, your-paymaster-url.com) which the developer must supply — these endpoints will receive data and transactions and should be trusted.
- Install Mechanism (ok): This skill is instruction-only (no install spec). The SKILL.md suggests running npm/forge commands to fetch upstream packages; that is a standard developer workflow. There is no embedded download-from-URL or archive extraction in the skill bundle itself.
- Credentials (note): The skill declares no required environment variables or credentials, which is proportionate. That said, examples show handling of sensitive secrets (private keys) and guiding the developer to configure external RPC/bundler/paymaster URLs and MetaMask extension interactions — these are expected but sensitive. The skill does not itself request or attempt to exfiltrate credentials.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable; it does not request persistent privileges or attempt to modify other skills or system-wide agent settings. Autonomous invocation is allowed (platform default) but there are no additional elevated privileges requested by this skill.
