Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ape.Store Token Create
v1.0.0
Deploys a real token on Ape.Store within the BASE blockchain using user-provided name, symbol, description, and optional image.
by @mrben1
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
The code and packaging implement creating a token via an Ape.Store API call followed by an on-chain contract call on the BASE network. Requesting a private key and RPC URL is coherent with the stated goal (signing and sending a transaction).
Instruction Scope
The SKILL.md mandates running a very specific bash command that contains a hardcoded Windows user path (C:\Users\ben\...\index.js) and instructs the agent to ALWAYS run that exact command and NEVER simulate. That hardcoded path is brittle and leaked developer-specific state; the strict directive to always execute the binary gives the agent no discretion and could cause it to run arbitrary local code if adapted. SKILL.md also omits any mention that the skill uses a private key stored in skill.json, which is an important operational detail.
Install Mechanism
There is no platform install spec (instruction-only), but the package contains Node.js code and a package.json with standard dependencies (ethers, form-data, node-fetch). Installing via npm (as documented in INSTALL.md) is required. Dependencies come from npm (traceable) — moderate risk but expected for this functionality. No remote arbitrary downloads or obscure URLs were observed.
Credentials
The skill requires a private key and RPC URL to sign and send transactions: this is functionally necessary, but the key is stored in skill.json by default (plaintext). Storing high-value private keys in a skill folder is unsafe and the SKILL.md did not disclose this. The code also uploads provided image and metadata to https://ape.store/api/token (expected), which transmits user-supplied name/description/image to an external service.
Persistence & Privilege
The skill does not set always:true and does not request system-wide configuration changes. It does not modify other skills or system settings. It operates at run-time when invoked and returns transaction results.
What to consider before installing
This skill will sign and send a real on-chain transaction and requires you to put your wallet private key (and an RPC URL) into the skill's config (skill.json). Before installing, consider these steps:
- Do not use any wallet/private key that holds substantial funds. Create and fund an ephemeral wallet for testing.
- Inspect and, if needed, replace the hardcoded CONTRACT_ADDRESS and ABI in skill.js to ensure you are interacting with the intended contract. Verify the contract source yourself on a block explorer for BASE.
- Edit SKILL.md to remove the hardcoded developer path and use a relative or configured entry point (index.js). Avoid running unknown hardcoded paths found in docs.
- Keep the private key out of plaintext files where possible: prefer environment injection from a secure secret store or hardware signing where supported.
- Review the code paths that upload images/metadata to https://ape.store/api/token and confirm you are willing to transmit that data to that endpoint.
- Run npm install and execute the skill in an isolated environment (container or VM) and review network traffic if possible.
- If unsure, request the author to document why they chose to instruct an exact local path and to provide an explicit explanation for how they will handle/secure the private key.
Given the combination of developer-specific hardcoded instructions and plaintext private-key use, proceed only after addressing these concerns or using a throwaway test key.
Latest version: vk974hx5nvfvemtt1dzgz2h353s843pa8
