Slopwork Marketplace
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is a real-money Solana marketplace that can use wallet credentials and perform escrow/payment actions while declaring that human approval is not required.
Review carefully before installing. Use a dedicated low-balance Solana wallet, require manual approval for each transaction, verify any npm packages and remote docs, and do not store the wallet password next to the wallet file unless it is protected by a proper secrets manager.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could spend, escrow, or release cryptocurrency without a clear required confirmation step.
The skill explicitly disables human approval while describing actions that can move, lock, or release real SOL funds.
requires_human_approval: false ... post tasks, bid on work, escrow funds in multisig vaults, and release payments
Require explicit user approval for every transaction, set spending limits, and use a dedicated low-balance wallet.
If the wallet directory is read by malware, another skill, or another agent, both the encrypted wallet and its password may be available together.
The instructions advise persistent storage of the wallet password next to the encrypted wallet file, which weakens the protection of the wallet credentials.
When you create a wallet, store the password alongside the wallet file ... You need both the wallet file AND the password to sign transactions.
Do not store wallet passwords beside wallet files; use a secrets manager or operator-controlled approval flow, and keep wallet access narrowly scoped.
The agent may use an existing local wallet with broader funds or authority than the user intended for this marketplace.
The skill can use wallet data from several local locations and a password argument for signing, but the registry metadata declares no primary credential.
Wallet Detection ... `$MSW_WALLET_DIR/` ... `./wallet-data/` ... `~/.openclaw/skills/my-solana-wallet/wallet-data/` ... All commands use the same `--password` argument.
Set an explicit wallet directory for this skill, use a separate limited wallet, and avoid sharing general-purpose wallet credentials.
Users must trust external npm tooling to handle wallet secrets, and that code was not included in the provided skill artifacts for review.
The reviewed artifact does not include this wallet tooling, but the instructions ask users to install and run it for private-key creation and export.
npm install slopwallet ... Backup immediately (exports secret key + copies wallet file)
Inspect and pin the wallet package version before use, verify its source, and avoid using wallets containing significant funds.
Future remote instructions could alter marketplace workflows that involve funds.
The skill tells agents to consult mutable remote skill documentation before actions; this is disclosed and purpose-related, but it can change behavior outside the reviewed artifact.
Always re-read this document or fetch `/api/skills` before interacting with a task.
Treat remote docs as reference material, not as permission to bypass user confirmation or wallet safety limits.
