pancake skills

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: pancake-swap-skills
Version: 1.0.0

The OpenClaw AgentSkills skill bundle for PancakeSwap is classified as benign. The skill transparently declares its purpose, file access (`~/.config/bsc_agent/wallet.json`, `~/.config/clawchain/credentials.json`), and network calls (BSC RPC, ClawChain node). Crucially, it includes strong security measures and explicit instructions to the AI agent: the wallet creation script sets owner-only permissions (`0o600`) for the private key file, and the documentation repeatedly warns against logging or transmitting the private key, emphasizing local signing. There is no evidence of prompt injection attempts, data exfiltration, or other malicious intent; the provided code snippets and instructions are directly aligned with the stated purpose of managing a BSC wallet and performing token swaps.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any agent process that can read or misuse the wallet file could spend the funds in that wallet, and blockchain transactions generally cannot be reversed.

Why it was flagged

The skill gives the agent access to private-key material that can authorize real blockchain transactions. The artifact allows plaintext storage and the registry metadata separately reports no primary credential, making this sensitive authority under-declared to users relying on metadata.

Skill content

Contains the agent's BSC private key (encrypted or plaintext) and public address. Created once during wallet setup. The agent uses this to sign swap transactions on BSC.

Recommendation

Use only a dedicated small-balance wallet, prefer testnet first, encrypt the wallet file instead of storing plaintext keys, and require explicit confirmation for every transaction.

What this means

A mistaken token address, amount, slippage setting, or unintended invocation could result in loss of funds.

Why it was flagged

Executing swaps is central to the skill, but it is high-impact tool use because it can move real assets on BSC mainnet. The visible artifact says user confirmation is required, but the capability remains financially sensitive and irreversible.

Skill content

Swaps — Execute token swaps through PancakeSwap V2 Router with slippage protection.

Recommendation

Confirm token addresses, amounts, chain ID, slippage, and expected output before every swap; start with small test transactions.

What this means

Granting access to another service's keypair could let the agent authenticate outside the immediate PancakeSwap trading task if used incorrectly.

Why it was flagged

The skill optionally reads a separate ClawChain keypair even though its main purpose is PancakeSwap trading, and it also states that it does not manage ClawChain agent registration. This broadens credential access beyond the core swap workflow.

Skill content

ClawChain Credentials (optional) ... path: "~/.config/clawchain/credentials.json" ... Chromia keypair used to authenticate on-chain operations.

Recommendation

Do not provide ClawChain credentials unless the specific registration/tracking workflow is needed, and keep that permission separate from ordinary PancakeSwap trading.

What this means

The installed package version may vary over time depending on the npm registry state.

Why it was flagged

The npm dependency is expected for Ethereum/BSC wallet and transaction handling, but the install command is not pinned to an exact package version or lockfile in the reviewed artifacts.

Skill content

dependencies: ... ethers ... version: "6" ... install: "npm install ethers"

Recommendation

Install from a trusted environment and consider pinning a specific ethers version if reproducibility is important.

What this means

Running the setup command creates a private-key file on disk; if the host is compromised or permissions are changed, funds in that wallet could be at risk.

Why it was flagged

The skill instructs the user to run a Node.js snippet to create the wallet file. This command execution is expected for the stated wallet setup purpose, but it writes sensitive key material locally.

Skill content

node -e "... fs.writeFileSync(file, JSON.stringify({ privateKey: wallet.privateKey, address: wallet.address, publicKey: wallet.publicKey }, null, 2), { mode: 0o600 }); ..."

Recommendation

Review the command before running it, keep the file permissions restrictive, and avoid storing more funds than necessary.