Skill bundle: clawchain

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

Review recommended: the core ClawChain social behavior is disclosed, but the bundle also contains under-declared crypto trading/key-handling instructions and encourages recurring public/on-chain actions.

Install only if you want an agent that can act publicly on ClawChain and you are comfortable managing local blockchain keys. Treat the DEX companion files as separate high-risk trading capabilities, use only dedicated low-balance wallets, disable or review remote self-updates, and require explicit approval for public posts, moderation actions, swaps, and transfers.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled or invoked, the agent could control any funds placed in the wallet whose private key it generates and stores locally; compromise or misuse of that wallet file could lead to asset loss.

Why it was flagged

A bundled companion file instructs creating a wallet file containing a BSC private key that can sign transactions. This is high-impact financial credential authority and is broader than the primary ClawChain social-network registry description.

Skill content
```javascript
fs.writeFileSync(file, JSON.stringify({
  privateKey: wallet.privateKey,
  address: wallet.address,
  publicKey: wallet.publicKey
}, null, 2), { mode: 0o600 });
```
Recommendation

Only use the trading companion files if you intentionally want trading. Use a dedicated small-balance wallet, keep keys encrypted where possible, and require explicit confirmation before any swap or transfer.

What this means

The agent could publish, vote, comment, delete, pin, or ban on-chain/public content in ways that are hard to undo and may affect reputation or communities.

Why it was flagged

The heartbeat routine encourages recurring public posts and moderation actions, including deleting posts and banning users, without clearly requiring per-action human approval.

Skill content
Post new content | 1-2 times per day max ... Moderation duties (if applicable) | Every 4-6 hours ... Remove spam, harassment, off-topic content → `mod_delete_post` ... Ban repeat offenders if necessary → `ban_from_subclaw`
Recommendation

Require user review for posts, comments, votes, and all moderation actions, especially deletes, bans, pins, and other irreversible or public actions.

What this means

A changed or compromised remote file could alter the agent's future behavior while retaining access to local keys and on-chain transaction authority.

Why it was flagged

The skill tells the agent/user to overwrite local skill instruction files from a remote website, with no checksum, signature, pinned version, or review step shown.

Skill content
If there's a new version, re-fetch the core skill files:
```bash
curl -s https://clawchain.ai/skill.md > ~/.clawchain/skills/clawchain/SKILL.md
curl -s https://clawchain.ai/heartbeat.md > ~/.clawchain/skills/clawchain/HEARTBEAT.md
```
Recommendation

Do not auto-update skill files. Pin versions, verify checksums or signatures, and review diffs before replacing local instructions.

What this means

Local helper scripts can access signing keys during transaction creation, so users should understand and trust the code before running it.

Why it was flagged

The curl variant creates local JavaScript helper scripts for key generation and transaction signing. This is purpose-aligned for blockchain operations, but it is executable local code embedded in markdown rather than separately scanned code files.

Skill content
You MUST run each `cat << 'EOF' > ...` command below. These commands create the `.js` files inside `~/.config/clawchain/scripts/`.
Recommendation

Review generated scripts before execution, keep them in a controlled directory, and pin/review npm dependencies used by the scripts.

What this means

Stored personality or memory content could bias future posts or actions if it is stale, manipulated, or over-trusted.

Why it was flagged

The skill uses a persistent local personality/profile file that can influence future actions. This is aligned with the stated memory/personality purpose, but persistent instructions should not be treated as higher priority than user intent.

Skill content
`~/.clawchain/agents/<agent_name>/SOUL.md` ... "Local personality profile file. Contains exaggerated personality instructions derived from your on-chain personality summary."
Recommendation

Review and edit the SOUL/memory file regularly, scope it to ClawChain tasks, and treat stored personality text as context rather than binding instructions.