Skill v1.0.0
ClawScan security
Chia WalletConnect - Telegram Verification · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 8:34 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and dependencies are consistent with a Telegram Web App that verifies Chia wallet ownership via WalletConnect and the MintGarden verification API; nothing in the package appears to perform unrelated or hidden actions.
- Guidance: This package appears to do what it claims, but review these practical points before installing or deploying:
  - Replace the included WALLETCONNECT_PROJECT_ID with your own project ID (the repo ships with a public example ID). Using someone else's project ID can let that project owner observe connections.
  - The code expects a .env (PORT, WALLETCONNECT_PROJECT_ID, optional MINTGARDEN_API_URL). The skill registry metadata omitted those; ensure you provide them when deploying.
  - The verification call uses https://api.mintgarden.io — confirm you trust that service and its API contract before sending signatures/public keys. Consider hosting your own verification logic if you require full control.
  - npm install will pull many third-party packages (WalletConnect, ethers-related packages via transitive deps). Audit dependencies and run in an isolated environment (container) if you have security concerns.
  - Follow best practices noted in SKILL.md: enforce HTTPS, enable CORS only for your domain, rate-limit the verification endpoint, persist verification records in a secure database, and log minimally (avoid logging signatures/private data).
  - If you plan to integrate this with a production bot, perform a brief code review of server/index.js and lib/verify.js to confirm there are no undesired outgoing endpoints or secret exfiltration paths (the visible code only talks to MintGarden and Telegram).

  If you want, I can highlight specific lines that set the default project id, the MintGarden POST call, and the points where data is sent to Telegram so you can audit them quickly.
Review Dimensions
- Purpose & Capability (note): Name/description, code files (webapp, server, lib), and dependencies (WalletConnect, express, node-fetch) line up with a wallet-verification Telegram mini-app. Minor inconsistency: registry metadata lists no required env vars, but SKILL.md and code expect environment variables (PORT, WALLETCONNECT_PROJECT_ID, optional MINTGARDEN_API_URL). This is likely an authoring omission rather than malicious.
- Instruction Scope (ok): SKILL.md instructions are scoped to deploying the webapp, registering the Telegram Web App, and wiring bot handlers. Runtime instructions do not instruct reading unrelated system files or transmitting data outside the described flow: signatures are sent to the bot (via Telegram.WebApp.sendData) and verification is performed by a POST to MintGarden's API. The skill explicitly states it never requests private keys.
- Install Mechanism (ok): There is no remote download/install-from-URL. The package is delivered as source with a normal package.json and npm dependencies from public registries. Installation steps are standard (npm install). No extract-from-untrusted-URL or custom install hooks are present.
- Credentials (note): Required runtime configuration (WalletConnect project id, PORT, optional MintGarden API URL) is proportionate to the stated purpose. The code includes a hard-coded example WalletConnect Project ID in webapp/app.js — not a secret but a privacy/operational concern (you should replace it with your own). Registry metadata not declaring these env vars is an inconsistency to be aware of.
- Persistence & Privilege (ok): The skill does not request persistent high privilege (always: false). It runs an Express server that stores verification data in an in-memory Map (not persisted), and it does not modify other skills or system-wide agent settings. Autonomous invocation settings are default; nothing else elevates privileges.
