Skill v1.3.0
ClawScan security
Wake Up · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 15, 2026, 7:53 PM
- Verdict
- suspicious
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill largely matches its stated purpose (scheduling paid wake-up calls) but there are inconsistencies around required credentials and how sensitive keys are handled that you should not ignore.
- Guidance
- This skill appears to implement exactly what it claims: scheduling paid wake-up calls and signing x402 Solana USDC payments. However, do not provide your main Solana private key. The SKILL.md and the script require a Solana keypair (private key JSON) even though registry metadata lists no required env vars — that mismatch is suspicious and could cause the agent to pick up an unintended key via SOLANA_KEYPAIR_PATH. Before installing or running: (1) use a dedicated low-value Solana keypair for payments, not your primary wallet; (2) prefer passing the keypair via an explicit --keypair argument at runtime rather than setting a global SOLANA_KEYPAIR_PATH env var; (3) review and verify the wake.meup.ai domain and TLS certificate and confirm you trust the service; (4) inspect the x402 transaction returned by the server before signing (do not auto-sign without showing the transaction to the user); (5) install/run the script in an isolated environment and ensure required Python packages (x402, httpx) come from trusted registries; and (6) ask the skill author or registry to fix the metadata mismatch so required env vars are declared consistently. If you cannot follow these precautions or verify provenance, do not install or run the skill.
Review Dimensions
- Purpose & Capability
- note: The skill’s name, description, and runtime files all describe scheduling wake-up phone calls and handling x402 Solana USDC payments; requesting a Solana keypair to sign payments is coherent with that purpose. However, registry-level metadata claims no required environment variables while SKILL.md (and the script) declare/expect a SOLANA keypair — this mismatch is unexpected and worth attention.
- Instruction Scope
- ok: SKILL.md and scripts/wake-cli.py confine their actions to the wake.meup.ai API (verify, poll, contact.vcf, schedule) and to signing x402 payment transactions with a local Solana keypair. The instructions do not attempt to read other system files or reach other domains. They do, however, instruct the agent to download and share a vCard and to sign transactions — both are within the skill’s advertised scope but require explicit user consent.
- Install Mechanism
- note: This is instruction-only (no install spec), but the included script declares Python dependencies (x402, httpx) and requires running under uv. No external arbitrary downloads or obscure hosting URLs are used. Because there is no automatic install spec, users or agents will need to install dependencies manually; that operational gap was not documented in the registry metadata and could cause runtime surprises.
- Credentials
- concern: The skill requires access to a Solana keypair (private key material) to sign x402 USDC payments; that is high-sensitivity data but is functionally required for on-chain payment signing. The concern is twofold: (1) registry metadata asserts no required env vars while SKILL.md marks SOLANA_KEYPAIR_PATH as required — an incoherence that can lead to accidental use of the wrong key, and (2) defaulting to reading a keypair via SOLANA_KEYPAIR_PATH environment variable increases the risk of the agent using a primary wallet inadvertently. The SKILL.md recommends a dedicated low-value keypair, which is good practice, but the requirement is still privilege-sensitive and must be treated carefully.
- Persistence & Privilege
- ok: The skill does not request always:true, does not modify other skills or system-wide configs, and is user-invocable. It does not create persistent background processes or alter agent policy.
