XMTP CLI
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a straightforward XMTP CLI guide, but it involves installing an external CLI and may use a wallet private key to read, send, sync, and manage XMTP messages and groups.
Before installing, verify the @xmtp/cli package and use an ephemeral or low-risk wallet for testing. Do not put a valuable wallet private key in .env unless you trust the CLI and environment, and review any send, group, sync, or permission command before it runs.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent runs these commands with a real XMTP identity, it could send messages, create groups, or change group permissions.
The skill intentionally exposes CLI actions that can read and mutate XMTP conversations, groups, messages, and permissions. This fits the stated purpose, but these actions can affect real conversations if run with the user's configured identity.
- Sending messages or creating and managing groups
- Listing or finding conversations, members, and messages
- Syncing conversations and messages
- Managing group permissions
Use the skill only for intended XMTP tasks, and review recipient addresses, group IDs, message contents, and permission changes before execution.
A private key in a .env file could expose the XMTP wallet identity if the environment, filesystem, shell history, or installed CLI package is compromised.
The CLI setup can use a wallet private key and database encryption key. This is disclosed and expected for XMTP identity setup, but these are sensitive credentials.
- `XMTP_WALLET_KEY` – Private key for the Ethereum wallet (hex, prefixed with `0x`)
- `XMTP_DB_ENCRYPTION_KEY` – Database encryption key
Prefer the ephemeral wallet option for testing, avoid using a funded or high-value wallet key, protect the .env file, and verify the installed CLI package.
The actual behavior depends on the @xmtp/cli package obtained from the package registry at install or runtime.
The skill relies on an external npm package installed globally or run via npx, and the artifacts do not pin a version or include the package source for review. This is normal for an instruction-only CLI skill but carries standard package-provenance risk.
```sh
npm install -g @xmtp/cli
# or
pnpm add -g @xmtp/cli
# or
yarn global add @xmtp/cli
```
Install from a trusted registry, verify the package and publisher, consider pinning a known-good version, and avoid entering sensitive keys until the CLI source and version are trusted.
Private conversation content may be stored locally or displayed to the agent during listing and debugging workflows.
The CLI can sync full conversation history into local state. This is purpose-aligned for an XMTP CLI, but it can bring sensitive message content into the local environment and later command outputs.
- `xmtp syncall` – Syncs all conversations and their messages.
Use a dedicated database directory, limit syncing to accounts and environments appropriate for the task, and avoid exposing synced message output unless needed.
