Trust Escrow
v1.0.0
Create and manage USDC escrows for agent-to-agent payments on Base Sepolia. 30% gas savings, batch operations, dispute resolution.
⭐ 1 · 1.4k · 1 current · 1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (medium confidence)
Purpose & Capability
Name, description, and SKILL.md functions (create/release/autoRelease/dispute, batch ops) align with an on-chain USDC escrow contract on Base Sepolia. Contract and token addresses, RPC, and code examples are consistent with the stated purpose.
Instruction Scope
The SKILL.md contains concrete wallet code that requires a raw private key (privateKeyToAccount('0xYOUR_PRIVATE_KEY')) and shows writeContract calls. It does not instruct safe signing practices (e.g., an external signer, hardware wallet, or WalletConnect) and places no constraints on where the private key comes from. That creates a real risk that an agent following these instructions could request, store, or transmit private keys. The doc also links to external web apps (vercel.app) and an 'agent-info' page; these may be legitimate integration docs, but they are external endpoints the agent might contact, and the SKILL.md does not specify or limit what agent-supplied data is sent to them.
Install Mechanism
Instruction-only skill with no install spec and no code files — low install risk because nothing is written to disk by an installer. The scanner had no code to analyze.
Credentials
The skill declares no required environment variables or primary credential, yet its examples require a signing key (private key) and an RPC endpoint. The implicit need for a private key (or other signer) is neither declared nor constrained, a mismatch that invites insecure practices such as pasting private keys into the agent.
Persistence & Privilege
always:false (normal). The skill allows autonomous invocation by default (platform default). While that alone is not a problem, autonomous invocation combined with access to a user's private key would be high-risk — the SKILL.md does not prevent the agent from performing on-chain writes if it obtains signing credentials.
What to consider before installing
Before installing or using this skill:
1) Treat the skill as requiring transaction signing even though it declares no credentials. Do NOT paste private keys into the agent; if you intend to interact, use an external signer (hardware wallet, WalletConnect, or an ephemeral signing service).
2) Verify the escrow contract and USDC token addresses on a block explorer and review the escrow contract source yourself (or ask the author for verified source).
3) Confirm the skill's provenance: who published it, and do the web app and agent docs belong to a reputable project?
4) If you must test, use a throwaway account with minimal funds on Base Sepolia (the testnet the skill targets) first.
5) Prefer skills that explicitly declare credential needs and recommend secure signing flows; if the agent will ever have signing power, restrict autonomous invocation or require explicit user approval for every transaction.
Like a lobster shell, security has layers — review code before you run it.
latest · vk97eagb06kzmryjqdp92jf6t3180gv7g
Runtime requirements
🫘 Clawdis
