Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent identity and reputation registration

v0.2.3

Register and manage agent identity, reputation, and feedback on Solana and EVM chains using the multi-chain ERC-8004 Agent Registry protocol.

by MonteCrypto (@montecrypto999)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and included README/skill.md describe a multi-chain MCP (ERC-8004) agent registry with search, reputation, wallet management, and registration operations. The runtime instructions (wallet store, wallet_create, agent_register, reputation queries) are coherent with that purpose.
Instruction Scope
SKILL.md instructs spawning an external process via npx @quantulabs/8004-mcp and calling many wallet- and transaction-related tools (initialize/encrypt wallet store, create/unlock wallets, build transactions). These instructions require handling private keys, master passwords, and potentially broadcasting on-chain transactions. They also reference loading .env and using NETWORK_MODE — so the runtime may access environment variables and local files not declared in the registry metadata. That broadens the skill's runtime privileges and risk surface.
Install Mechanism
There is no formal install spec in the registry entry, but the instructions explicitly use npx to fetch/run @quantulabs/8004-mcp at runtime. Using npx downloads and executes code from the npm registry (possibly latest unpinned package), which is an install-time network fetch of third‑party code. This is higher risk than an instruction-only skill that only runs built-in tools, because it executes external code that must be reviewed separately.
Credentials
The skill metadata declares no required environment variables, but the README/SKILL.md mention .env loading and examples set env vars (NETWORK_MODE, DEFAULT_CHAIN). The runtime server writes a local wallet store (encrypted with a master password), a local SQLite cache, and will read/write files in the current directory. That means the skill can access environment variables and files on disk (including a .env) that were not declared — and it will cause the agent to handle sensitive secrets (master password, private keys).
Persistence & Privilege
always:false (normal). However, the server creates persistent state (encrypted wallet store, local SQLite cache, optionally .env and config files) on disk. Persistence is expected for a wallet/registry server, but you should be aware it will store sensitive artifacts locally and could retain keys/transaction history between sessions.
What to consider before installing
This skill appears to implement a multi-chain agent registry and wallet manager, which is consistent with its files — but it instructs the agent to run an npm package via npx and to create/manage encrypted wallets and a local database. Before installing or running:
1) Review the actual @quantulabs/8004-mcp package source (npm/GitHub) and its published version to ensure you trust it.
2) Avoid running npx on machines that hold unrelated secrets — the server loads .env and runs in your environment.
3) Do not hardcode master passwords in examples; use a secure secret workflow and understand where the encrypted wallet store is written.
4) Prefer running this in an isolated environment/container to limit exposure.
5) If you plan to register agents or send real transactions, be sure you control the funds and keys and understand on-chain costs.
If you cannot review the upstream package, treat this skill as high-risk and avoid running it with real funds or on sensitive hosts.

Like a lobster shell, security has layers — review code before you run it.
