Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Arbitrum Bridge Helper
v1.0.1
Guide users through official Arbitrum bridge actions—deposits, withdrawals, claims, tracking, and diagnostics—across Ethereum, Arbitrum One, Nova, and testne...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill legitimately needs a wallet/key to sign transactions, but SKILL.md directs the agent to find private keys/mnemonics/keystore files on disk while the registry metadata declares no required env vars or config paths. That mismatch (needing secrets but not declaring them) is incoherent and reduces transparency.
Instruction Scope
The instructions explicitly tell the agent to search .env files, local JSON keystores, 'common agent-accessible directories' and 'workspace' files for usable wallets. Those directions are broad and underspecified (no explicit allowed paths, no search limits) and will cause the agent to read potentially unrelated secret-bearing files. The trigger rules are also broad, increasing the chance the agent will perform these searches frequently.
Install Mechanism
This is an instruction-only skill with no install spec or downloaded code, which is the lowest install risk — nothing new is written to disk by installation.
Credentials
No environment variables or config paths are declared, yet the runtime behavior depends on private keys, keystore JSON, and password sources on disk. Requesting or reading such secrets without declaring them is disproportionate and lacks accountability.
Persistence & Privilege
always:false (good) but the skill permits autonomous invocation by default. Combined with instructions to search the host filesystem for secrets, that raises risk: an autonomously-invokable skill that scans for keys can have a large blast radius. The skill does not request persistent system configuration changes, but its runtime disk access is a sensitive privilege that is not constrained.
What to consider before installing
This skill directs the agent to locate and use signing wallets on disk (private keys, mnemonics, keystore files) but does not declare what files or env vars it will read. Before installing, consider:
1) Only install if you fully trust the skill publisher and the agent runtime environment.
2) Prefer skills that require explicit, declared credentials or that integrate with an external signer (hardware wallet, WalletConnect, or an ephemeral signing service) instead of scanning local files.
3) If you must use this skill, restrict its filesystem access (run it in an isolated VM or container with only the minimum wallet files mounted), and require an explicit, per-operation confirmation that the skill will search disk and use a particular path.
4) Ask the publisher to declare exact paths or env names the skill will read, and to limit searches to those paths.
5) Monitor and audit agent actions and logs during first use, and test with small amounts or a testnet first.
If you cannot enforce those constraints or do not trust the environment, do not install the skill.
Like a lobster shell, security has layers — review code before you run it.
