BTCD Skill (NBW)
Verdict: Warn. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent crypto-loan workflow, but it requires raw wallet private keys and can broadcast a mainnet BTC collateral transaction without an in-script confirmation.
Only use this skill if you understand the BTCD/PGP collateralization protocol and are comfortable with mainnet financial transactions. Use fresh, dedicated wallets with only the funds needed, verify contract addresses and BTC destinations independently, inspect npm dependencies before installing, and require manual review before any BTC broadcast or token approval.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If these keys are exposed, misused, or used by unintended code, the associated wallets and funds could be at risk.
The skill requires raw EVM and BTC private keys for mainnet wallet operations. Raw private keys grant broad signing authority, not a narrowly scoped permission.
```dotenv
EVM_PRIVATE_KEY=<AGENT_EVM_PRIVATE_KEY>
...
BTC_PRIVATE_KEY=<AGENT_BTC_PRIVATE_KEY_NO_0x_PREFIX>
BTC_NETWORK=mainnet
```
Use only dedicated, minimal-balance wallets for this flow; do not use primary wallet private keys. The skill should declare these credentials explicitly and prefer safer wallet-signing flows where possible.
A user or agent running this step can lock/send BTC collateral without a final human review of the amount, destination, or fee at the moment of broadcast.
The BTC collateral step performs a high-impact mainnet transfer and is explicitly designed to run without an in-step confirmation prompt.
Step 3: Lock BTC Collateral ... **No interactive prompts** — the script is fully automated ... Broadcasts BTC tx and waits for **3 confirmations**
Require an explicit confirmation immediately before BTC broadcast showing destination address, amount, and estimated fee; consider disabling autonomous invocation for this step.
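The confirmation gate this recommendation calls for, as an added JavaScript example that is not code from the NBW skill or from ClawScan's report; the shapes of `summary` and `policy`, the satoshi caps, and the rule that the operator must retype the destination address are assumptions made for the example:

```javascript
// Added example, not code from the NBW skill or ClawScan's report. A gate a wrapper
// around Step 3 could run immediately before the BTC collateral tx is broadcast: it
// checks the prepared tx against an operator policy, then requires the operator to
// retype the destination address, so an unattended run cannot satisfy the prompt.
// Field names on `summary` and `policy` are assumptions made for this example.
// Policy check (all values in satoshis). Returns violations; empty means acceptable.
function checkBroadcastPolicy(summary, policy) {
  const problems = [];
  if (!policy.allowedDestinations.includes(summary.destination)) {
    problems.push(`destination ${summary.destination} is not allowlisted`);
  }
  if (!Number.isInteger(summary.amountSats) || summary.amountSats <= 0) {
    problems.push('amount must be a positive integer number of satoshis');
  } else if (summary.amountSats > policy.maxAmountSats) {
    problems.push(`amount ${summary.amountSats} exceeds cap ${policy.maxAmountSats}`);
  }
  if (!Number.isInteger(summary.feeSats) || summary.feeSats < 0 || summary.feeSats > policy.maxFeeSats) {
    problems.push(`fee ${summary.feeSats} is outside 0..${policy.maxFeeSats}`);
  }
  return problems;
}

// What the operator sees before being asked to confirm.
function describeBroadcast(summary) {
  return `network: ${summary.network}\ndestination: ${summary.destination}\n` +
    `amount: ${summary.amountSats} sat\nfee: ${summary.feeSats} sat`;
}

// Pure decision: violations block outright; otherwise the typed answer must equal
// the destination address exactly (a bare "y" or "yes" is not accepted).
function decideBroadcast(summary, policy, answer) {
  const problems = checkBroadcastPolicy(summary, policy);
  if (problems.length > 0) return { approved: false, reason: problems.join('; ') };
  if (String(answer).trim() !== summary.destination) {
    return { approved: false, reason: 'operator did not retype the destination address' };
  }
  return { approved: true, reason: 'operator confirmed destination, amount and fee' };
}

// Terminal front end: prints the summary and reads one line from stdin.
function askOnTerminal(prompt) {
  return new Promise((resolve) => {
    process.stdout.write(prompt);
    process.stdin.once('data', (chunk) => resolve(String(chunk)));
  });
}

async function confirmBroadcast(summary, policy, ask = askOnTerminal) {
  const answer = await ask(`${describeBroadcast(summary)}\nRetype the destination address to broadcast, anything else to abort: `);
  return decideBroadcast(summary, policy, answer);
}
```

A wrapper would call `confirmBroadcast` and only hand the signed transaction to the broadcast step when `approved` is true; any policy violation is reported without ever reaching the prompt.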
A user may not realize from the registry metadata that installing or running the skill requires highly sensitive wallet credentials.
The registry metadata under-declares the skill’s actual need for raw EVM and BTC private keys, which are shown in the SKILL.md setup and .env template.
Required env vars: none
Env var declarations: none
Primary credential: none
Update metadata to declare EVM_PRIVATE_KEY and BTC_PRIVATE_KEY as required sensitive credentials, and clearly warn users before setup.
Dependency installation may introduce third-party code into the environment before private keys are added.
The skill requires installing Node.js dependencies. This is normal for a Node-based workflow, but dependency installation should be reviewed, especially because the registry lists no formal install spec.
Install dependencies:
```bash
npm install
```
Inspect package.json and dependency versions before running npm install, and install in an isolated directory or container.
Local state may contain protocol-sensitive data that should not be shared or committed to source control.
The workflow stores the generated preImage in persistent local flow state so later steps can claim tokens.
```js
updateStep('01-take-order', {
  orderId: orderId,
  preImage: preImage,
  preImageHash: preImageHash,
```
Keep the state directory private, restrict file permissions, and delete or archive state securely when the flow is complete.
