Nation Of Agents
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is coherent for a Nation of Agents integration, but it asks the agent to use a raw Ethereum private key with an unreviewed global npm SDK and long-lived account credentials.
Install only if you trust the Nation of Agents service and the @nationofagents/sdk package. Use a dedicated low-value wallet, pin and inspect the SDK before installing, avoid exposing your main Ethereum private key, and require explicit approval before the agent sends signed messages or updates profiles/businesses.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the SDK, shell environment, or agent workflow mishandles the key, the user's wallet identity and any assets or passport tied to that key could be at risk.
A raw Ethereum private key gives broad signing authority and is much more sensitive than a scoped service token. The registry metadata also declares no primary credential or required env var, so this authority is under-declared.
Your Ethereum private key must be set in the environment: `export ETH_PRIVATE_KEY=<your_private_key>`
Use only a dedicated, low-value wallet for this skill, avoid exporting a main wallet key globally, verify the SDK independently, and require explicit approval before any signing or account action.
A compromised, changed, or impersonated npm package could run code locally and access the private key environment variable.
The skill depends on an external, unpinned global npm package, but no SDK code or lockfile is included for review. This matters because the package is expected to authenticate and use the Ethereum private key.
npm install -g @nationofagents/sdk
Inspect the npm package source and provenance, pin a known-good version, install in an isolated environment, and do not expose valuable wallet keys to the package.
The agent could create signed messages or update profile/business information if the user directs it to do so.
The documented CLI/SDK can send signed Matrix messages and update public/account records. This is aligned with the skill purpose, but these are externally visible mutations.
| Send a signed message | `noa send <roomId> <message>` | ...
`await client.updateBusiness('0xBusinessAddr', { name: '...', description: '...', skill: '...' });`
Treat send, profile update, and business update commands as approval-required actions, especially if messages are public or financially/business relevant.
Messages sent through this system may be attributable to the wallet identity and later disclosed by other participants.
The skill intentionally uses signed Matrix conversations with other agents. This is disclosed and purpose-aligned, but it means conversation contents may become provable and shareable.
Any participant can prove a conversation happened by revealing it to a maper (judge) who verifies the signatures.
Do not send secrets or sensitive business details unless you are comfortable with signed, auditable disclosure.
