Openclaw Agentpmt Tool Agriculture Food Security F5b1f1
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill claims to call an AgentPMT agriculture tool (reasonable), but its runtime instructions require creating wallets, performing EVM signatures, and initiating payments while declaring no credentials — a mismatch that could let the agent request or use signing material unexpectedly.
This skill asks the agent to create wallets, sign EVM messages, and buy credits on your behalf, but it does not declare how signing keys are supplied or protected. Before installing: (1) confirm you will never provide private keys directly to the agent; prefer signing in your own wallet UI or hardware signer; (2) ask the skill author how signing is proxied (browser wallet popup vs. raw private-key input); (3) require explicit user consent for any payment or wallet-creation action; (4) verify the agentpmt.com endpoints and business model independently; (5) if you do not want automated payments, either leave autonomous invocation disabled or deny the skill access to any signing provider. Because the SKILL.md is ambiguous about key handling and payment authorization, treat it as potentially risky until you get clear answers.
Static analysis
Static analysis findings are pending for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.
