Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Raven Transfer
v1.1.0 · Wallet-aware Raven Atlas transfer operations for NGN payouts. Use when an agent must check wallet balance, resolve Nigerian bank accounts, enforce explicit c...
by Fmac (@fmacmak)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code, README, SKILL.md, and agent metadata all implement wallet-checked NGN transfers via Raven Atlas and require a Raven API key; that capability matches the skill name and description. However, the registry-level metadata claims no required environment variables or primary credential while the package clearly requires RAVEN_API_KEY_FILE or RAVEN_API_KEY. This inconsistency is unexpected and should be resolved.
Instruction Scope
SKILL.md and the scripts only instruct operations needed for payouts (balance, lookup, preview, confirm, execute, status). The runtime instructions reference only the Raven API and a local state file (.state/transfer-state.json). They explicitly forbid auto-retry for transfers and require explicit confirmation tokens, which is in-scope for the described purpose.
Install Mechanism
There is no remote install/download step; this is an instruction + local script package. All code is included in the bundle and there are no external URLs or archive extraction steps. Risk from install mechanism is low.
Credentials
The package legitimately requires a Raven API credential (file or env var) and several optional test/run-time overrides. Those are proportionate to payout functionality. The concern is that the registry metadata provided alongside the skill claims no required env vars/primary credential, conflicting with agents/openai.yaml and SKILL.md; that mismatch could lead to accidental missing protections or incorrect installation by users/automation.
Persistence & Privilege
The script persists a minimal idempotency state to scripts/.state/transfer-state.json with owner-only permissions by default and provides RAVEN_DISABLE_LOCAL_STATE to disable persistence. This is consistent with its purpose; ensure the .state directory is excluded from backups and VCS. The skill does not request always:true or other elevated platform privileges.
What to consider before installing
This package appears to implement legitimate Raven NGN payout operations and correctly requires a Raven API key and a local state file for idempotency. However:
1. The registry metadata shown with the published skill incorrectly lists no required environment variables and no primary credential. Confirm that your agent runtime will supply RAVEN_API_KEY_FILE or RAVEN_API_KEY before installing.
2. SKILL.md and agents/openai.yaml ask that implicit model invocation be disabled to prevent accidental autonomous transfers. Make sure the skill is not allowed to run implicitly or autonomously in your agent configuration.
3. Review scripts/.state/transfer-state.json and exclude it from backups and source control. The package claims it stores only non-PII idempotency fields; verify that you agree.
4. Run the included validate-skill-package.mjs and the unit tests in a safe environment before enabling the skill (live transfer tests are intentionally gated).
5. Treat this as high-impact software: it can move money. If you cannot verify that the registry metadata and agent policies match the package docs, do not install it or provide production API keys.
If the publisher corrects the registry metadata (declares the required env vars and the primary credential, and sets disable-model-invocation), confidence in installing this skill would increase.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing. Note that the environment-variable and file-read patterns below are also what loading a key from RAVEN_API_KEY or RAVEN_API_KEY_FILE and presenting it to the Raven API looks like; confirm in the code that the file being read is the key file and that the only network destination is the Raven API.
scripts/raven-transfer.mjs:9
Environment variable access combined with network send.
tests/contract-live.test.mjs:6
Environment variable access combined with network send.
scripts/raven-transfer.mjs:4
File read combined with network send (possible exfiltration).
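One way to automate the first three points of the pre-install checklist above (registry metadata matching the package, the Raven credential actually being available and owner-only, and the state directory being excluded from source control), as an added example that is not code from the Raven Transfer skill or from ClawHub. The metadata field names (requiredEnv, credentialEnv, primaryCredential, disableModelInvocation), the sample registry records, the injected io object and the simplified .gitignore matching are all assumptions made for the illustration, not the real agents/openai.yaml or registry schema:

```javascript
// Added example, not code from the Raven Transfer skill or from ClawHub: a
// pre-install gate that re-checks the checklist points before an agent runtime
// loads a skill that can move money.
//
// Assumed shapes (hypothetical, not the real agents/openai.yaml or registry
// schema): registry metadata as { requiredEnv, primaryCredential,
// disableModelInvocation } and package metadata as { credentialEnv,
// primaryCredential, disableModelInvocation }, where credentialEnv lists the
// variables of which at least one must be supplied.

// 1. The registry must not under-declare what the package documents.
function metadataMismatches(registryMeta, packageMeta) {
  const problems = [];
  const declared = new Set(registryMeta.requiredEnv || []);
  const needed = packageMeta.credentialEnv || [];
  if (needed.length > 0 && !needed.some((name) => declared.has(name))) {
    problems.push(`registry declares none of the package's credential env vars (${needed.join(' or ')})`);
  }
  if ((registryMeta.primaryCredential || null) !== (packageMeta.primaryCredential || null)) {
    problems.push(`primary credential differs: registry=${registryMeta.primaryCredential || 'none'}, package=${packageMeta.primaryCredential || 'none'}`);
  }
  if (packageMeta.disableModelInvocation && !registryMeta.disableModelInvocation) {
    problems.push('package asks for disable-model-invocation but the registry does not set it');
  }
  return problems;
}

// 2. The credential must actually be available, and a key file must not be
//    readable by group/others. `io` is injected so the check runs offline; in
//    production pass
//    { readFile: p => fs.readFileSync(p, 'utf8'), fileMode: p => fs.statSync(p).mode }.
//    The mode-bit check is POSIX-only (on Windows check the ACL instead).
//    The key material itself is never returned, only where it came from.
function resolveCredential(env, io) {
  if (env.RAVEN_API_KEY_FILE) {
    const mode = io.fileMode(env.RAVEN_API_KEY_FILE) & 0o777;
    if (mode & 0o077) {
      return { ok: false, reason: `key file mode ${mode.toString(8)} is readable by group/others` };
    }
    const key = io.readFile(env.RAVEN_API_KEY_FILE).trim();
    return key ? { ok: true, source: 'file' } : { ok: false, reason: 'key file is empty' };
  }
  if (env.RAVEN_API_KEY) return { ok: true, source: 'env' };
  return { ok: false, reason: 'neither RAVEN_API_KEY_FILE nor RAVEN_API_KEY is set' };
}

// 3. The local idempotency state must stay out of source control. This is a
//    plain entry match on .gitignore lines, not full gitignore pattern semantics.
function stateDirIgnored(gitignoreText, stateDir = 'scripts/.state') {
  const accepted = new Set([stateDir, `${stateDir}/`, `/${stateDir}`, `/${stateDir}/`, '.state', '.state/', '**/.state/']);
  return gitignoreText
    .split(/\r?\n/)
    .map((line) => line.trim())
    .some((line) => line && !line.startsWith('#') && accepted.has(line));
}

// Combine the three checks; allow only when nothing is outstanding.
function preinstallGate({ registryMeta, packageMeta, env, io, gitignoreText }) {
  const findings = metadataMismatches(registryMeta, packageMeta);
  const credential = resolveCredential(env, io);
  if (!credential.ok) findings.push(`credential: ${credential.reason}`);
  if (!stateDirIgnored(gitignoreText)) findings.push('scripts/.state is not excluded in .gitignore');
  return { allow: findings.length === 0, findings };
}

// Constructed sample inputs (not the real registry record or package files):
// first the mismatch the scan reports, then a corrected registry entry.
const SAMPLE_REGISTRY_AS_PUBLISHED = { requiredEnv: [], primaryCredential: null, disableModelInvocation: false };
const SAMPLE_REGISTRY_CORRECTED = {
  requiredEnv: ['RAVEN_API_KEY_FILE', 'RAVEN_API_KEY'],
  primaryCredential: 'RAVEN_API_KEY',
  disableModelInvocation: true,
};
const SAMPLE_PACKAGE = {
  credentialEnv: ['RAVEN_API_KEY_FILE', 'RAVEN_API_KEY'],
  primaryCredential: 'RAVEN_API_KEY', // assumed name for the package's primary credential
  disableModelInvocation: true,
};
const FAKE_IO = { readFile: () => 'test-key-material\n', fileMode: () => 0o100600 }; // regular file, mode 0600
const SAMPLE_ENV = { RAVEN_API_KEY_FILE: '/run/secrets/raven-api-key' };
const SAMPLE_GITIGNORE = 'node_modules/\nscripts/.state/\n';

function runSample() {
  const common = { packageMeta: SAMPLE_PACKAGE, env: SAMPLE_ENV, io: FAKE_IO, gitignoreText: SAMPLE_GITIGNORE };
  return {
    before: preinstallGate({ registryMeta: SAMPLE_REGISTRY_AS_PUBLISHED, ...common }),
    after: preinstallGate({ registryMeta: SAMPLE_REGISTRY_CORRECTED, ...common }),
  };
}

console.log(JSON.stringify(runSample(), null, 2));
```

With the registry record as published, the gate blocks with three findings (undeclared credential env vars, missing primary credential, disable-model-invocation not set); with the corrected record, the same package, credential and .gitignore pass. Wire a gate like this into whatever step provisions skills for your agent runtime, and keep the key file at mode 0600 so the permission check stays green.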
latest: vk9736p7ttm8e2c4d9k336tg88182rryh
