Kaspa Wallet

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If wallet secrets are available, an agent invocation could initiate an irreversible cryptocurrency transfer.

Why it was flagged

The skill gives the agent Bash access to a CLI that can send KAS, including the whole wallet balance. The provided artifacts do not show a second confirmation, recipient allowlist, spend limit, or dry-run requirement.

Skill content

allowed-tools:
  - Bash
...
./kaswallet.sh send <address> <amount>           # Send specific amount
./kaswallet.sh send <address> max                # Send entire balance

Recommendation

Only use this with explicit per-transaction confirmation. Prefer testnet or small balances, and add safeguards such as amount limits, recipient confirmation, and a default dry-run mode.

What this means

Putting a real private key or mnemonic in the agent environment gives the skill spending authority over that wallet.

Why it was flagged

The skill asks for a private key or seed phrase that can control funds, while the registry metadata declares no primary credential and no environment variables.

Skill content

export KASPA_PRIVATE_KEY="64-character-hex-string"
# OR
export KASPA_MNEMONIC="your twelve or twenty four word seed phrase"

Recommendation

Do not expose a main wallet seed or private key to a general agent environment. Use a dedicated low-balance wallet, declare these secrets in metadata, and document exactly when they are read and used.

What this means

A compromised or changed install path could affect the code used to handle wallet operations.

Why it was flagged

The installer can download and run a remote get-pip.py script as a fallback. In a self-custody wallet, installer provenance is especially important because dependencies participate in wallet/key operations.

Skill content

get_pip_url = "https://bootstrap.pypa.io/get-pip.py"
...
run_command([str(venv_python), get_pip_path], capture=True)

Recommendation

Pin and verify dependencies, avoid executing downloaded bootstrap scripts when possible, and document the install behavior in the registry/install spec.