aaveclaw
Advisory: Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can sign Base Sepolia transactions with the configured wallet key. If the user reuses a real wallet key, the key itself is highly sensitive even though this skill targets a testnet.
The code reads a raw wallet private key from environment or local config and uses it to create an ethers signer, but the registry metadata declares no primary credential, required env vars, or required config paths.
if (process.env.X402_PRIVATE_KEY) { return process.env.X402_PRIVATE_KEY; } ... join(homedir(), ".x402-config.json") ... return config.private_key;
Use a dedicated Base Sepolia testnet wallet only, do not reuse a mainnet/private wallet key, and require explicit user confirmation before any transaction.
The configured pool contract may retain broad token-spending allowance on Base Sepolia after the operation.
Before deposits or repayments, the skill can approve the Aave pool to spend an unlimited amount of the token. This is common in DeFi workflows but broader than the single requested amount.
const tx = await tokenContract.approve(spender, ethers.MaxUint256);
Verify the contract addresses, use a testnet-only wallet, and consider changing the code to approve only the requested amount if tighter control is desired.
Running the skill may download and install Node dependencies locally before executing commands.
The skill installs npm dependencies on setup or first use, even though the registry lists no install spec. The included package-lock.json reduces ambiguity, and ethers is purpose-aligned.
npm install --omit=dev
Review the dependency lockfile and run the skill in a controlled environment, especially because it also handles a wallet private key.
