neyrizk

Advisory. Audited by static analysis on May 4, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You may be installing a repackaged or mislabeled identity tool, which makes it harder to trust who supplied the code that will handle keys and proofs.

Why it was flagged

The registry metadata for the evaluated package says the slug/name is "neyrizk", the source is unknown, and the owner/version differ; the bundled metadata identifies a different skill. For a credential-handling identity skill, this provenance mismatch is material.

Skill content

"ownerId": "kn7b32r236rckzwn88kc1jqhcn81hzrv", "slug": "verified-agent-identity", "version": "1.2.8"

Recommendation

Verify the publisher and source against the official BillionsNetwork/verified-agent-identity project before installing or running any key-handling commands.

What this means

A local compromise or overly broad agent access could expose the agent identity key, and using an existing funded wallet key would increase the impact.

Why it was flagged

The skill stores private keys under the user's home directory and documents plaintext storage as the default when the optional master key is not set. It also supports importing an existing Ethereum private key.

Skill content

`kms.json` | Private keys — per-entry versioned format; keys are plain or AES-256-GCM encrypted
...
Not set | `"plain"` | Raw hex string

Recommendation

Use a dedicated key for this skill, set BILLIONS_NETWORK_MASTER_KMS_KEY before creating/importing identities, and protect $HOME/.openclaw/billions with appropriate local permissions.

What this means

Billions infrastructure will receive identity-linking request data as part of the verification workflow.

Why it was flagged

The human-agent linking flow embeds the signed JWS in a callback URL and posts the authorization request to the Billions shortener service. This is purpose-aligned, but it means signed identity proof material leaves the local machine.

Skill content

const callback = callbackBase + jws; ... await fetch(`${urlShortener}/shortener`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(message) })

Recommendation

Only run linking commands when you intend to use Billions verification, and avoid putting unnecessary sensitive details in the challenge name or description.

What this means

The skill may rely on an additional external service not highlighted in the network-policy section.

Why it was flagged

The README lists resolver.privado.id and billions.network as whitelisted domains, but the runtime configuration also includes a PolygonID revocation-status endpoint. This may be normal iden3 plumbing, but the documentation understates the network surface.

Skill content

id: "https://rhs-staging.polygonid.me"

Recommendation

Document all external endpoints used or configured by the skill, including revocation/status services.