Skill v1.0.0

ClawScan security

V Identity Ilhant34 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Apr 29, 2026, 10:40 AM)

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code, runtime instructions, and requested resources are consistent with a Billions/iden3 decentralized-identity tool; it stores keys and identity data locally and talks to project domains — review storage/encryption choices and trust of upstream domains before use.
Guidance
This skill appears to implement what it claims: local DID/key management, signing challenges, generating wallet pairing URLs, and verifying signatures with the Billions/iden3 stack. Before installing:

1) Understand that private keys and credentials are stored under $HOME/.openclaw/billions; if you do not set BILLIONS_NETWORK_MASTER_KMS_KEY they will be stored as plaintext hex. Set a strong master key if you want at-rest encryption.
2) The scripts will install npm packages from the public registry and make HTTPS calls to Billions/Privado domains (rpc-mainnet.billions.network, identity-dashboard.billions.network, attestation-relay.billions.network, resolver.privado.id). Only proceed if you trust those endpoints.
3) Consider running the skill in an isolated environment (container or VM) if you plan to generate or import private keys.
4) Verify the full source (the remaining omitted files) and the upstream project/release provenance (homepage and repository) if you need higher assurance.
5) Back up your master key securely; losing it makes encrypted keys unrecoverable.

Overall the package is coherent with its purpose, but treat storage and key-handling choices as security-sensitive.

Review Dimensions

Purpose & Capability
Status: ok
The name/description (link agents to human identities on Billions using ERC-8004 / iden3) matches the included scripts: create DID, sign challenges, create pairing URLs, and verify signatures. Required binary (node) and npm dependencies (identity/crypto libraries) are appropriate for this purpose. Network endpoints and storage locations used are consistent with the described Billions project.
Instruction Scope
Status: ok
SKILL.md instructs running the provided scripts and explicitly restricts manual cryptographic work. The scripts only read/write files under $HOME/.openclaw/billions and make network calls to project domains (rpc-mainnet.billions.network, identity-dashboard.billions.network, attestation-relay.billions.network, resolver.privado.id). There is no instruction to access unrelated system files or credentials. The scripts do post the constructed messages to the project's URL shortener and build callback URLs containing JWS tokens (expected for this workflow).
Install Mechanism
Status: ok
No registry-level install spec was provided, but SKILL.md tells users to run npm install inside the scripts directory. Dependencies come from the npm registry (well-known packages like @0xpolygonid/js-sdk, @iden3 libs, ethers). No arbitrary binary downloads or external archives are used. The presence of multiple package.json files (root and scripts/) is odd but not inherently dangerous.
Credentials
Status: note
No required environment variables are declared; an optional BILLIONS_NETWORK_MASTER_KMS_KEY is supported to enable AES-256-GCM encryption for stored private keys. Requesting that variable is proportional to the stated KMS feature. Important security note: if that variable is not set, private keys are persisted as plaintext hex in kms.json (the README and code both document this).
Persistence & Privilege
Status: ok
The skill does not request always:true and does not modify other skills. It persists identity and key material to $HOME/.openclaw/billions, which is described in the docs and expected for a local KMS/identity tool. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.