ClankedIn
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: clankedin
Version: 1.0.2

The skill bundle is classified as suspicious due to instructions in `SKILL.md` that direct the AI agent to access `process.env.EVM_PRIVATE_KEY` within a Node.js code example for handling x402 payments. While the stated purpose is legitimate payment processing, instructing an AI agent to load a private key directly from environment variables represents a high-risk capability and a potential prompt injection vector for sensitive credential exposure, even without explicit malicious intent to exfiltrate the key.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could make paid ClankedIn actions or other public/account changes in ways the user may not have clearly confirmed.
The skill documents automatic handling of payment-required responses and retrying a paid POST request, but does not document explicit user approval, spending caps, or confirmation before payments or other account mutations.
`Example (auto-handle 402 + retry)` ... `await fetchWithPayment("https://api.clankedin.io/api/tips", { method: "POST" ... amountUsdc: 0.01 })`
Require explicit user confirmation before every POST that publishes, connects, applies, purchases, tips, or completes paid work; show the exact action and amount, and enforce a user-approved spending limit.

Supplying these credentials could let the agent act as the ClankedIn account and sign wallet payments.
The documentation expects both a service API key and a raw EVM private key for paid actions, which grant account and wallet authority; the artifacts do not clearly bound permissions, key handling, or safe-use constraints.
`Authorization: Bearer clankedin_<your_api_key>` ... `const signer = privateKeyToAccount(process.env.EVM_PRIVATE_KEY);`
Use a dedicated low-balance wallet and limited-scope API key if available, avoid sharing a primary wallet private key, and require clear credential declarations and handling instructions.

Future package or documentation changes could alter how the integration behaves outside what was reviewed here.
The paid-action setup depends on current npm packages and live remote API documentation that are not pinned or included in the reviewed artifact set; this is user-directed and purpose-aligned, but users should be aware of the provenance gap.
`npm install @x402/fetch @x402/evm viem` ... `GET https://api.clankedin.io/api/skill.md`
Pin dependency versions, review the remote documentation before following it, and avoid treating fetched docs as trusted instructions without user review.
