Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Potato Tipper
v1.0.2 · Skill for AI agents to set up the Potato Tipper on a Universal Profile on LUKSO (requires private key), and learn to build innovative tip-on-follow solutions.
⭐ 1 · 351 · 0 current · 0 all-time
by Jean Cvllr (@cj42)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (install PotatoTipper on a LUKSO Universal Profile) matches the provided files: ABIs, encoding helpers, Foundry/TypeScript examples, and a setup script. However the registry metadata claims 'Required env vars: none' while the scripts and SKILL.md explicitly require a controller PRIVATE_KEY and several other env vars (TIP_AMOUNT, UP_ADDRESS, etc.). That mismatch is unexpected and warrants caution.
Instruction Scope
SKILL.md and included files provide step-by-step setup that instructs cloning the GitHub repo and running a Foundry script which expects PRIVATE_KEY and will broadcast transactions to the LUKSO RPC. The runtime instructions therefore go beyond passive reading: they direct actions that change on‑chain state and authorize token allowances. This is within the skill's stated purpose but requires handling a private key and running repo code — both high-risk operations if done via an agent or without manual oversight.
Install Mechanism
There is no formal install spec (instruction-only), but the included shell script clones a public GitHub repo (github.com/CJ42/potato-tipper-contracts) and executes a Foundry script. Cloning from GitHub is a common, traceable pattern (lower risk than arbitrary URLs), but executing code from a remote repo that will broadcast transactions increases risk and should be done locally by the user after manual review.
Credentials
The skill effectively requires a sensitive PRIVATE_KEY (EOA controller key) plus other env vars to perform its main function, yet the registry metadata lists no required env vars or primary credential. Asking for a private key is proportionate to the action of configuring a UP on-chain, but the omission in metadata is an incoherence and a security concern: the agent or script may prompt for or request sensitive credentials unexpectedly. Also the scripts authorize an operator on the user's token (spend allowance), which is a powerful action and must be considered by the user.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or global agent settings. The default ability for the agent to invoke the skill autonomously is allowed by platform defaults; combined with the above credential/transaction concerns this increases potential blast radius if the agent were given a private key or instructed to run the setup automatically. Treat autonomous runs as risky when private keys are involved.
What to consider before installing
Do not paste or upload your private key into the agent. The skill's scripts and examples require a controller PRIVATE_KEY and will broadcast transactions (set data on your Universal Profile and authorize token operator allowances). The registry metadata failing to declare those env vars is a red flag — assume the skill will ask you to provide them if you follow the 'one-click' path. If you want to use this skill safely:
- Review the included code locally (repo is on GitHub) before running anything.
- Run setup only from your own trusted environment (not by pasting secrets into a chat/agent) and use a test account on testnet first.
- Prefer granting minimal controller permissions and temporary budgets; consider toggling permissions off after setup.
- If you must interact via an agent, restrict it to read-only operations (code review, explanation, or encoding helpers) and refuse any request to supply PRIVATE_KEY or other secret values.
- If the registry metadata is supposed to list required env vars, ask the publisher to correct that mismatch before trusting automated flows.
latest · vk975jdf3r2g47wv1fnre76nnms81x0zf
