Quack Wallet

Warn

Audited by ClawScan on May 10, 2026.

Overview

This wallet skill is purpose-aligned, but it can transfer tokens using a local API key without any built-in confirmation, limits, or clear metadata declaration of the credential.

Review this skill carefully before installing. It appears to do what it says—check balances and send Quack token transfers—but you should only use it with a protected, least-privilege API key and require explicit confirmation before any transfer.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent invokes this skill incorrectly or after a misleading prompt, tokens could be sent to the wrong recipient or in the wrong amount.

Why it was flagged

The script directly performs a token-transfer POST using recipient and amount command-line arguments, with no built-in confirmation, amount cap, dry run, or other guardrail.

Skill content

const res = await fetch(url, {
  method: 'POST',
  ...
  body: JSON.stringify({
    to: args.to,
    amount: parseFloat(args.amount),
    memo: args.memo,
  }),
});

Recommendation

Require explicit user confirmation before every transfer, show recipient and amount for review, add optional limits or allowlists, and consider disabling autonomous invocation for transfers.

What this means

Anyone or any process that can use this credential may be able to view the wallet balance or transfer Quack tokens.

Why it was flagged

The skill requires a local API key that is later used as a Bearer token for balance and transfer API calls. This is expected for a wallet integration, but it is sensitive account authority.

Skill content

Credentials at `~/.openclaw/credentials/quack.json`: {"apiKey": "your-quack-api-key"}

Recommendation

Use a least-privilege Quack API key if available, store it securely, rotate it if exposed, and confirm the key’s permissions before enabling transfers.

What this means

Users reviewing only metadata may not realize the skill needs a local API key with wallet authority.

Why it was flagged

Registry metadata does not declare the credential/config path even though SKILL.md and the scripts require ~/.openclaw/credentials/quack.json.

Skill content

Primary credential: none; Required config paths: none

Recommendation

Update metadata to declare the Quack API credential and required config path so users can make an informed install decision.