Emblem Ai Agent Wallet
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is purpose-aligned for crypto wallet use, but it gives an agent high-impact wallet control for sending and swapping assets without clearly documented transaction approval limits.
Review this carefully before installing. It is not shown to be malicious, but it can connect to crypto wallets and supports swaps and sends. Use a separate low-value wallet, require explicit confirmation for every transaction, protect the EMBLEM_PASSWORD and ~/.emblemai files, and verify the npm package before use.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with wallet access, the agent may be able to initiate trades or transfers that are difficult or impossible to reverse.
The skill routes user or agent requests into a wallet CLI that can perform irreversible financial actions, but the provided instructions do not show clear transaction confirmation, amount limits, recipient verification, or a read-only default.
"Swap $20 of SOL to USDC"; "Send 0.1 ETH to 0x..."; "All requests are routed through `emblemai` under the hood."
Only use this with a small, separate wallet unless the CLI provides explicit confirmations. Require manual approval for every transaction, including chain, token, amount, recipient, and fees.
Anyone or anything with this password may be able to access the same wallet, and losing it may mean losing access.
The skill requires a password that derives or unlocks wallet access; this is expected for the stated wallet purpose, but it is a high-value credential.
"Required env vars: EMBLEM_PASSWORD" and "No recovery if lost (treat it like a private key)"
Use a unique strong password, do not reuse it elsewhere, keep it out of chat transcripts and logs, and prefer a limited wallet for agent activity.
Local compromise or misuse of saved session files could expose wallet access or account state.
The skill persists authentication state locally, which is purpose-aligned but sensitive because saved sessions can preserve access beyond a single interaction.
"Checks `~/.emblemai/session.json` for a saved session" and "The session JWT is captured, saved to disk"
Protect the local ~/.emblemai directory, understand how to revoke or delete sessions, and avoid using this on shared or untrusted machines.
The actual wallet behavior depends on the installed npm package, not just this instruction file.
The skill depends on a globally installed external CLI package; this is disclosed and central to the purpose, but the reviewed artifact set did not include the package code.
`npm install -g @emblemvault/agentwallet`
Install only from the official package/source, verify the publisher and version, and review the CLI’s behavior before connecting a valuable wallet.