Skill v0.1.1
ClawScan security
Senddy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 6:59 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are consistent with a private stablecoin wallet: it legitimately needs an API key and a wallet seed and otherwise only documents use of the @senddy/node library and local daemon patterns.
- Guidance: This skill is coherent for its purpose, but it handles highly sensitive secrets. Before installing or running it:
  1. Treat AGENT_SEED_HEX as full-control private key material: store it only in a secure secret manager, never commit it to source, and avoid placing it in environment variables on shared machines if you can use more secure secret injection.
  2. Review and audit the npm package @senddy/node before installing (supply-chain risk).
  3. If you run the provided daemon pattern, ensure the process is bound to localhost, monitor which port it prints, and don't expose it to untrusted networks.
  4. Be cautious with the attestorUrl/relayerUrl overrides: only point them to endpoints you trust (a malicious relayer/attestor could cause proof leakage or redirect funds).
  5. Prefer short-lived API keys and least-privilege credentials, and use secret managers rather than plaintext files where possible.
Review Dimensions
- Purpose & Capability
- ok: The name and description claim a private USDC wallet on Base. The declared required envs (SENDDY_API_KEY, AGENT_SEED_HEX) match the SKILL.md examples and are exactly what a headless wallet SDK would need (an API gateway credential plus seed material). No unrelated credentials or binaries are requested.
- Instruction Scope
- note: SKILL.md stays within wallet behaviour (init, sync, transfer, withdraw, prepare/submit, consolidate). It includes examples that write and read seed files, run a local HTTP daemon bound to 127.0.0.1, and reference additional example env names (MASTER_SEED_HEX, TREASURY_SEED_HEX, SENDDY_DAEMON_PORT) that are not listed as required. These are example patterns rather than hidden requests, but they broaden the operational surface (seed material stored on disk, a long-lived process exposing a local API).
- Install Mechanism
- ok: Instruction-only skill; there is no install spec and no archived downloads in the skill bundle. SKILL.md instructs users to run npm install @senddy/node, which is expected and normal for a Node SDK. No arbitrary external URLs or extract/install steps are part of the skill itself.
- Credentials
- note: Requires SENDDY_API_KEY (primary) and AGENT_SEED_HEX (seed hex). Both are proportionate to a wallet SDK but highly sensitive: the seed controls funds and the API key controls gateway access. The docs also expose optional config overrides (attestorUrl, relayerUrl) that let a deployer point the client at alternative endpoints; this is useful for self-hosting but could be misused if set to untrusted endpoints. SKILL.md also references optional envs (SENDDY_DAEMON_PORT, MASTER_SEED_HEX, TREASURY_SEED_HEX) in examples; these are not required, but callers should not leak them.
- Persistence & Privilege
- ok: The skill is not force-included (always:false) and does not request persistent platform-level privileges. It documents running long-lived agents/daemons, which is normal for a wallet agent. It does not attempt to modify other skills or system-wide agent settings.
