Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Wallet

v0.1.5

Multi-chain wallet and trading tools for AI agents. Provides 27 tools for: wallet management (create, balance, export keys), token swaps with flexible amounts ($100, 50%, max), cross-chain bridges, DEX market data (trending, volume, gainers/losers), token launches with tiered market caps, and fee management. Supports Solana and EVM chains. Use when agents need to interact with wallets, execute trades, research tokens, or launch tokens.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The feature set (wallet creation, swaps, bridges, export keys) aligns with a 'wallet/trading' skill. However the registry metadata (which in the UI/registry shows no required env vars or install) conflicts with the SKILL.md metadata that declares LOOMLAY_API_KEY, LOOMLAY_BASE_URL, and an npm install. That mismatch is an incoherence: a wallet/trading plugin legitimately needs an API key, but the registry should declare it too.
Instruction Scope
SKILL.md instructs the agent to auto-register for an API key and save it to ~/.loomlay/credentials.json, to always run wallet_get() on first interaction, and describes creating wallets and showing seed phrases. These instructions read/write user home config and can cause credential provisioning and sensitive secrets (seed phrases, private keys) to be handled and displayed — behavior beyond simple read-only queries and requiring explicit user consent. The instructions also require the agent to execute financial actions (swaps, transfers) with a strict requirement to confirm — but the runtime instructions give the agent leeway to perform wallet creation and quoting automatically on first use.
Install Mechanism
The skill is instruction-only in the registry, but SKILL.md requires running 'npm install @loomlay/openclaw-wallet-plugin'. Installing an external npm package means arbitrary remote code will be added to the host environment. The registry provided no install spec; relying on an external npm package raises supply-chain risk and should be explicitly declared and reviewed before installation.
Credentials
SKILL.md metadata declares LOOMLAY_API_KEY as required and LOOMLAY_BASE_URL optional and describes automatic API key registration and local credential file writes. Handling API keys and writing ~/.loomlay/credentials.json is proportionate to a remote wallet service, but the registry's earlier 'Required env vars: none' is inconsistent. The skill also processes and exports extremely sensitive secrets (seed phrases, private keys), which is expected for a wallet but greatly increases the sensitivity of any credential/privilege it receives.
Persistence & Privilege
The skill is not marked always:true, but there is no disableModelInvocation flag set, meaning the model could invoke it autonomously. Given the skill can create wallets, export private keys, and execute trades/transfers, allowing autonomous model invocation is a significant privilege and risk unless the agent is strictly constrained to require explicit user confirmation for every fund-moving operation.
What to consider before installing
Before installing:

1. Treat this as high-risk: it can create wallets, handle seed phrases/private keys, and execute transactions.
2. Verify the npm package @loomlay/openclaw-wallet-plugin on npm and the GitHub repo — inspect the code and maintainers, confirm versions and signatures.
3. Do not rely on its 'auto-register' behavior: prefer setting LOOMLAY_API_KEY yourself and inspect ~/.loomlay/credentials.json after first run.
4. Require that the skill be user-invoked only and disable autonomous model invocation for any transaction-capable skill.
5. Consider using a hardware wallet or isolated environment for any live funds; never allow automated or background transfers without explicit, auditable user confirmation.
6. Ask the publisher to fix registry metadata to declare the required env vars and installation steps, and to document network endpoints and data retention for credentials.

If you cannot review the package code and verify its provenance, avoid installing it on any machine with real funds or sensitive keys.


latest: vk979x8yv0y0xznpgxnm0s8m6j580n19r


Runtime requirements

Env: LOOMLAY_API_KEY
Primary env: LOOMLAY_API_KEY
