Loomal Skill
Pass
Audited by VirusTotal on May 7, 2026.
Overview
Type: OpenClaw Skill
Name: loomal-skill
Version: 0.1.3

The Loomal skill provides an agent with infrastructure for email, encrypted credential storage, and payments via an MCP server. The instructions in SKILL.md include strong security guardrails, explicitly directing the AI agent to require user confirmation for sensitive actions (e.g., sending mail, making payments, or modifying the vault) and to avoid echoing secret values in chat. The installation process uses pinned npm versions (@loomal/mcp@0.5.0) to mitigate supply chain risks, and the overall design emphasizes scope-gated API keys as a primary security boundary.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Risk: If the key is too broad, copied, or exposed, the agent or MCP server can access all Loomal capabilities allowed by that key.
Details: The API key can authorize access to multiple sensitive user resources, depending on the scopes the user grants.
Evidence: "Loomal API keys are the delegated authority for the user's mail, vault, calendar, and payments."
Recommendation: Create a separate narrow key per task or agent, verify identity with whoami before sensitive actions, and rotate or revoke keys when no longer needed.

Risk: A mistaken or overbroad approved action could send funds, send or delete mail, or modify calendar data.
Details: The tool surface includes real payment settlement. The skill requires confirmation, which mitigates the risk, but the action has real-world financial impact.
Evidence: "`payments_redeem` — real USDC settlement on Base mainnet. Confirm the amount and the destination resource before calling."
Recommendation: Before confirming, carefully check the payment amount, destination, email recipients, calendar details, and any delete or archive actions.

Risk: An agent with vault scope may retrieve or use sensitive credentials and live 2FA codes during a task.
Details: The skill is designed to store and retrieve persistent high-value secrets, including credentials and OAuth tokens, through Loomal tools.
Evidence: "**Encrypted vault** for logins, API keys, OAuth tokens, certs, cards (AES-256-GCM at rest)"
Recommendation: Grant vault scopes only when needed, avoid broad long-lived keys, and do not ask the agent to reveal secrets unless absolutely necessary.

Risk: Installing the MCP server means trusting the npm package and Loomal service code with the scoped API key.
Details: The actual MCP server is an external npm package executed via npx and is not included in the reviewed artifacts, although the version is pinned.
Evidence: `openclaw mcp set loomal '{"command":"npx","args":["-y","@loomal/mcp@0.5.0"],"env":{"LOOMAL_API_KEY":"loid-..."}}'`
Recommendation: Keep the package version pinned, update intentionally, and compare the npm package, source, and checksum if stronger provenance is required.
