zscore
Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate Zeru registry skill, but its write commands use a wallet private key to spend gas and fees and to publish or update on-chain agent data.
Install only if you intend to manage Zeru registry entries. Use a dedicated low-balance wallet, test on Base Sepolia first, review the network, fee and agent JSON before any write command, and treat metadata fetched for remote agents as untrusted input.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the skill is invoked for writes, it can sign Zeru API messages and send blockchain transactions from the configured wallet, spending gas and possibly registration fees.
The CLI reads a wallet private key from the environment and creates an ethers signer for write operations.
const pk = process.env.PRIVATE_KEY; ... const signer = new Wallet(pk, provider);
Use a dedicated low-balance wallet, avoid using a primary wallet key, and prefer Base Sepolia for testing.
A mistaken or unintended registration can spend ETH for the fee and gas and create persistent on-chain, publicly visible agent records.
Registration sends a payable on-chain transaction to the configured identity registry.
const tx = await registry.registerWithFee(agentURI, { value: fee });
Review the network, fee, wallet, and agent JSON before running register, set-metadata, or unset-wallet.
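A pre-flight gate covering the first two findings (the environment-sourced signer and the payable registration), written as an added example for this review rather than code from the zscore skill or from Zeru. The decision logic is kept pure so it runs offline: the chain ID, fee and balance that the real CLI would read from its ethers provider and signer are passed in as arguments. The chain IDs are public facts; the gas reserve, the fee ceiling and the agent JSON shape (a string `name`, an optional https `agentURI`) are assumptions, since the page does not state Zeru's schema.

```javascript
// Added example, not code from the zscore skill or Zeru. Pre-flight gate a CLI
// would run before its write path (registry.registerWithFee(...), set-metadata, ...).
// The decision logic is pure; values the real CLI reads from an ethers
// provider/signer (chainId, balanceWei, feeWei) are passed in by the caller.

const WEI_PER_ETH = 10n ** 18n;

// Public chain IDs. Base Sepolia is the test network the audit recommends.
const KNOWN_CHAINS = { 8453: "Base mainnet", 84532: "Base Sepolia" };
const MAINNET_ID = 8453;

// Assumed gas reserve the wallet must still hold after paying the fee.
// A rough budget for the example, not a gas quote.
const GAS_RESERVE_WEI = 2n * 10n ** 15n; // 0.002 ETH

// Render wei as a decimal ETH string without floating point.
function formatEth(wei) {
  const whole = wei / WEI_PER_ETH;
  const frac = (wei % WEI_PER_ETH).toString().padStart(18, "0").replace(/0+$/, "");
  return frac ? `${whole}.${frac}` : `${whole}`;
}

// Minimal shape check for the agent JSON. Assumed schema: an object with a
// non-empty string `name` and, if present, an https `agentURI`.
function validateAgentJson(json) {
  if (typeof json !== "object" || json === null || Array.isArray(json)) {
    return ["agent JSON must be an object"];
  }
  const errs = [];
  if (typeof json.name !== "string" || json.name.trim() === "") {
    errs.push("agent JSON needs a non-empty string `name`");
  }
  if (json.agentURI !== undefined) {
    try {
      if (new URL(json.agentURI).protocol !== "https:") errs.push("agentURI must use https");
    } catch {
      errs.push("agentURI is not a valid URL");
    }
  }
  return errs;
}

// Returns { ok, problems, summary }. `summary` is what the operator is asked to
// confirm; nothing is sent unless `ok` is true and the operator agrees.
function preflightWrite({ chainId, feeWei, balanceWei, maxFeeWei, allowMainnet = false, agentJson }) {
  const problems = [];
  const network = KNOWN_CHAINS[chainId];
  if (!network) problems.push(`refusing to write to unknown chainId ${chainId}`);
  if (chainId === MAINNET_ID && !allowMainnet) {
    problems.push("mainnet write requires an explicit allowMainnet flag");
  }
  if (feeWei > maxFeeWei) {
    problems.push(`fee ${formatEth(feeWei)} ETH exceeds ceiling ${formatEth(maxFeeWei)} ETH`);
  }
  if (balanceWei < feeWei + GAS_RESERVE_WEI) {
    problems.push(`balance ${formatEth(balanceWei)} ETH cannot cover fee plus gas reserve`);
  }
  problems.push(...validateAgentJson(agentJson));
  return {
    ok: problems.length === 0,
    problems,
    summary: `network=${network ?? "unknown"} fee=${formatEth(feeWei)} ETH balance=${formatEth(balanceWei)} ETH`,
  };
}
```

In the real CLI the caller would obtain `chainId` from `provider.getNetwork()`, `balanceWei` from `provider.getBalance(signer.address)` and `feeWei` from the registry contract, print `summary`, and only then call `registerWithFee`. The mainnet flag is the point of the example: a test run on Base Sepolia and a live run differ only in the RPC URL, so the code, not the operator's memory, should refuse the live chain by default.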
Reading unknown agents may contact arbitrary external URLs and place untrusted metadata into the agent's output context.
Reading an agent can trigger an HTTP fetch to the agentURI stored on-chain, which may be controlled by another registrant.
if (agentURI && agentURI.startsWith("http")) { const res = await fetch(agentURI); ... result.parsedJson = (await res.json()); }
Treat fetched agent metadata as untrusted and consider adding URL allowlisting or user confirmation before fetching arbitrary agentURI values.
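A hardened counterpart to the `fetch(agentURI)` shown in this finding, written as an added example for this review and not code from the zscore skill. It refuses anything but https, credentials in the URL, loopback and private address literals, and hosts outside an operator allowlist; caps the response size and time; and reduces the JSON to a fixed set of string fields before it reaches the agent's context. `ALLOWED_HOSTS`, `ALLOWED_FIELDS` and the size and timeout limits are assumptions for the example.

```javascript
// Added example, not code from the zscore skill. Hardened replacement for an
// unconditional fetch(agentURI) where agentURI comes from another registrant.

const ALLOWED_HOSTS = new Set(["agents.example.org"]); // assumed operator allowlist
const MAX_BYTES = 64 * 1024;                            // assumed response cap
const TIMEOUT_MS = 5000;                                // assumed request timeout

// Reject loopback, private and link-local IPv4 literals, "localhost" and any
// IPv6 literal, so an on-chain URL cannot point the CLI at local services.
// Hostnames that *resolve* to private addresses would need DNS checks too.
function isPrivateLiteral(host) {
  const m = host.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/);
  if (!m) return host === "localhost" || host.startsWith("[");
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

function validateAgentURI(uri, allowedHosts = ALLOWED_HOSTS) {
  let u;
  try {
    u = new URL(uri);
  } catch {
    return { ok: false, reason: "not a URL" };
  }
  if (u.protocol !== "https:") return { ok: false, reason: `scheme ${u.protocol} not allowed` };
  if (u.username || u.password) return { ok: false, reason: "credentials in URL" };
  if (isPrivateLiteral(u.hostname)) return { ok: false, reason: "private or loopback host" };
  if (!allowedHosts.has(u.hostname)) return { ok: false, reason: `host ${u.hostname} not in allowlist` };
  return { ok: true, url: u };
}

// Reduce untrusted JSON to a fixed shape: only listed string fields survive, each
// stripped of control characters and truncated. Extra keys, nested objects and
// "__proto__"-style keys are dropped and reported, never merged.
const ALLOWED_FIELDS = ["name", "description", "version"]; // assumed field names
const MAX_FIELD_LEN = 256;

function sanitizeMetadata(text) {
  let parsed;
  try {
    parsed = JSON.parse(text);
  } catch {
    return { ok: false, reason: "invalid JSON" };
  }
  if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) {
    return { ok: false, reason: "not an object" };
  }
  const metadata = {};
  for (const key of ALLOWED_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(parsed, key) && typeof parsed[key] === "string") {
      metadata[key] = parsed[key].replace(/[\x00-\x1f\x7f]/g, " ").slice(0, MAX_FIELD_LEN);
    }
  }
  const dropped = Object.keys(parsed).filter((k) => !Object.prototype.hasOwnProperty.call(metadata, k));
  return { ok: true, metadata, dropped };
}

// Network path: validate, then fetch with no redirects, a timeout and a byte cap.
// Uses the global fetch and AbortSignal.timeout available in current Node releases.
async function fetchAgentMetadata(uri) {
  const v = validateAgentURI(uri);
  if (!v.ok) return { ok: false, reason: v.reason };
  const res = await fetch(v.url, { redirect: "error", signal: AbortSignal.timeout(TIMEOUT_MS) });
  if (!res.ok) return { ok: false, reason: `HTTP ${res.status}` };
  if (Number(res.headers.get("content-length") ?? 0) > MAX_BYTES) {
    return { ok: false, reason: "response too large" };
  }
  const body = new Uint8Array(await res.arrayBuffer());
  if (body.byteLength > MAX_BYTES) return { ok: false, reason: "response too large" };
  return sanitizeMetadata(new TextDecoder().decode(body));
}
```

Whatever survives `sanitizeMetadata` is still attacker-chosen text and should be presented to the agent as data about a third party, not as instructions; the allowlist plus a confirmation prompt for hosts outside it is the user-confirmation control the finding asks for.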
Installing npm dependencies can introduce normal package supply-chain risk.
The skill relies on npm package installation before use. This is expected for a Node-based CLI, and package versions are pinned, but it is still an external dependency step.
Run once to install dependencies:
cd {baseDir} && npm install
Install from a trusted environment, review package.json, and consider using a lockfile or a reproducible install process.
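A check of the install inputs before the `npm install` step above, added here as an example and not part of the zscore skill. It classifies every dependency spec in a package.json as an exact pin, a version range, or a non-registry source (git, file, http, GitHub shorthand), requires a lockfile, and only then recommends `npm ci --ignore-scripts`, which refuses to run without a lockfile that matches package.json and skips install-time lifecycle scripts. The package.json in the test is constructed sample input; the version numbers in it are placeholders, not the skill's real dependencies.

```javascript
// Added example, not code from the zscore skill. Audits package.json and the
// lockfile before dependencies are installed. Pure functions: the caller reads
// package.json and checks for package-lock.json, then passes the results in.

// Exact semver pin, optionally with pre-release and build metadata.
const EXACT_PIN = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

function classifySpec(spec) {
  if (typeof spec !== "string") return "invalid";
  // git:, file:, http(s): and "owner/repo" shorthand all bypass the registry.
  if (spec.includes(":") || spec.includes("/")) return "non-registry";
  if (EXACT_PIN.test(spec)) return "pinned";
  return "range"; // ^, ~, >=, *, x-ranges, dist-tags such as "latest"
}

function auditInstallInputs(packageJsonText, hasLockfile) {
  const pkg = JSON.parse(packageJsonText);
  const report = { pinned: [], range: [], nonRegistry: [], invalid: [], lockfile: hasLockfile, problems: [] };
  for (const section of ["dependencies", "devDependencies", "optionalDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[section] ?? {})) {
      const entry = `${name}@${spec}`;
      const kind = classifySpec(spec);
      if (kind === "pinned") report.pinned.push(entry);
      else if (kind === "range") report.range.push(entry);
      else if (kind === "non-registry") report.nonRegistry.push(entry);
      else report.invalid.push(entry);
    }
  }
  if (!hasLockfile) report.problems.push("no package-lock.json: npm ci cannot reproduce the install");
  if (report.range.length) report.problems.push(`unpinned ranges: ${report.range.join(", ")}`);
  if (report.nonRegistry.length) report.problems.push(`non-registry sources: ${report.nonRegistry.join(", ")}`);
  if (report.invalid.length) report.problems.push(`invalid specs: ${report.invalid.join(", ")}`);
  report.ok = report.problems.length === 0;
  return report;
}

// `npm ci` fails instead of silently resolving when the lockfile is missing or
// disagrees with package.json; --ignore-scripts stops preinstall/postinstall
// hooks from running arbitrary code during the install.
function recommendedInstallCommand(report) {
  return report.ok ? "npm ci --ignore-scripts" : null;
}
```

Skipping lifecycle scripts can break packages that compile native code at install time; if the install then fails, inspect the script that needed to run rather than re-enabling scripts for the whole tree.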
