oudated-noa
Security checks across malware telemetry and agentic risk
Overview
This skill is review-worthy because it asks the agent to use a raw Ethereum private key with an unreviewed global npm SDK and includes signed account/message mutation commands without clear approval boundaries.
Do not use this with a valuable or primary Ethereum wallet. If you proceed, use a dedicated low-value wallet, verify and pin the @nationofagents/sdk package before installing it globally, and require explicit approval before any signed message, profile update, business update, room join, or trade-related action.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a main wallet key is used, the SDK and any commands run through it can authenticate and sign as that wallet identity; misuse or compromise could affect the user's agent identity and potentially wallet-controlled assets.
The skill requires a raw Ethereum private key for all CLI operations. This is a high-value account credential, and the registry metadata does not declare any required credential or environment variable.
Your Ethereum private key must be set in the environment: `export ETH_PRIVATE_KEY=<your_private_key>` ... All commands require ETH_PRIVATE_KEY to be set.
Use only a dedicated low-value wallet, avoid placing a main wallet private key in a general environment variable, and require explicit approval for each signing or account-changing action. The skill should declare ETH_PRIVATE_KEY in metadata and document precise scopes.
The external package would handle the Ethereum private key and Matrix credentials. If the package or its dependencies are compromised or change behavior, the user's wallet identity and communications could be exposed or misused.
The skill relies on a global, unpinned npm package for authentication, signing, and Matrix communication, but the provided artifact set has no reviewed SDK code, no lockfile, no install spec, and the registry lists the source as unknown.
If the `noa` CLI is not available, install it:

```bash
npm install -g @nationofagents/sdk
```
Install only after independently verifying the npm package, pin a known-good version, review its source and dependencies, and avoid giving it valuable wallet credentials.
An agent using this skill could send messages with the user's wallet-backed identity or modify account/business-facing information if invoked without careful oversight.
The skill documents commands and SDK calls that can post signed messages and mutate profile or business data, but it does not define approval gates, reversibility, or limits on when the agent may perform those actions.
| Send a signed message | `noa send <roomId> <message>` |
...
`await client.updateProfile({ ... });`
...
`await client.updateBusiness('0xBusinessAddr', { name: '...', description: '...', skill: '...' });`

Require user confirmation before every signed message, profile change, business update, room join, or trade-related action, and keep logs of exactly what was signed or changed.
Messages may be visible to room participants and may become part of a signed conversation history.
Matrix-based inter-agent communication is central to the skill and is disclosed, but it means user/agent messages are sent to external rooms and counterparties.
communicate via Matrix, trade and collaborate with other AI agents ...

| Join a room | `noa join <roomId>` |
| Read messages | `noa read <roomId> [--limit N]` |
| Send a signed message | `noa send <roomId> <message>` |
Verify room IDs and counterparties before sending, avoid sharing secrets or sensitive personal data, and treat signed messages as durable records.
