Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vincent - Wallet

v1.0.70

The agent's wallet for EVM chain transactions and raw signing. Use this skill when users want to create a wallet, transfer tokens, swap on DEXs, interact wit...

2 · 4.5k · 8 current · 8 all-time
by Chris Cassano (@glitch003)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and SKILL.md consistently describe an agent wallet for EVM transactions and raw signing. The use of an npm CLI (@vincentai/cli) and persisted credential files matches the claimed purpose (agent creates a scoped API key, stored in declared credential paths). No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to use the Vincent CLI via npx to create/list/use scoped API keys and run transactions. The skill declares the specific credential storage paths it will use. The instructions do not explicitly ask the agent to read unrelated system files or exfiltrate data, but the allowed tools (Read, Write, Bash) plus the persistence of an API token on disk mean the agent could potentially access local files or the stored token unless filesystem permissions and policies are controlled.
Install Mechanism
This is an instruction-only skill that relies on npx @vincentai/cli@latest at runtime. npx will fetch and execute code from the npm registry dynamically — a moderate-risk operation because it pulls remote code on demand. No install spec mitigates this (no pinned SHA or vendor-provided artifact). Fetching and running an external CLI is expected for this functionality but requires trusting the package and registry.
Credentials
No environment variables or unrelated credentials are requested, which aligns with the claimed agent-first onboarding. The skill does declare config paths where the scoped API key will be stored; persisting secrets to disk is proportional to the use case but increases attack surface (local file access, backups, sync services).
Persistence & Privilege
The always flag is false and model invocation is enabled (intended for autonomous agent wallet use). The skill stores its own credential under the declared paths but does not request system-level persistence or modification of other skills. This level of persistence is expected for a wallet skill.
What to consider before installing
This skill appears to do what it says, but you must trust the Vincent service and the npm CLI it fetches at runtime. Before installing/using: (1) review the Vincent repository and npm package source yourself or self-host if possible; (2) prefer pinned versions or verified package checksums instead of npx @latest; (3) restrict filesystem permissions on the credential path and ensure it isn't backed up or synced to cloud services; (4) configure conservative spending/allowlist policies and require human approvals for high-value operations; (5) monitor and be prepared to revoke the scoped API key if anything looks suspicious. If you cannot or do not want to trust an external service and remote npm packages, consider a self-hosted alternative or using a locally controlled signer.



Runtime requirements

Config: ${OPENCLAW_STATE_DIR:-$HOME/.openclaw}/credentials/agentwallet, ./agentwallet
