Ape.Store Token Create

Audited by ClawScan on May 10, 2026.

Overview

This skill appears to create Ape.Store tokens as claimed, but it uses a raw wallet private key to send real Base blockchain transactions and passes user text into a bash command without safe quoting or a clear confirmation step.

Only install this if you are comfortable reviewing the code and using a dedicated low-balance wallet. Do not put a main wallet private key in skill.json. Before running it, confirm the exact token details, image path, Base network, contract address, and gas cost, and be aware that the current bash-command pattern should be fixed to safely handle user input.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or accidental token name, description, or image path could cause unintended local shell commands to run.

Why it was flagged

The skill instructs the agent to insert user-provided NAME, SYMBOL, DESCRIPTION, and optional image path directly into a bash command without shown quoting or escaping. Shell metacharacters in those fields could alter the command, and the command also hardcodes an absolute local path.

Skill content
bash command:"node \"C:\\Users\\ben\\.openclaw\\workspace\\skills\\ape-store\\index.js\" create a token on ape.store with the name NAME and the symbol SYMBOL and the description DESCRIPTION"
Recommendation

Avoid shell interpolation for user-controlled values. Invoke the packaged Node entry point with structured arguments, quote or escape all fields, validate token fields and image paths, and remove the hardcoded user-specific path.

What this means

Any request that matches the skill's trigger could lead to an irreversible Base blockchain transaction and gas fees without a clear pre-flight review.

Why it was flagged

The instructions push immediate tool execution for a real token deployment and do not require a final confirmation, gas estimate, wallet address check, network check, or contract-address review before sending the transaction.

Skill content
- ALWAYS run the bash command above using the bash tool
- Wait for real output containing TX Hash and Block number
Recommendation

Require an explicit second confirmation before signing or broadcasting, showing the wallet address, network, contract address, token metadata, image path, and estimated gas cost.

What this means

If configured with a valuable wallet, the skill can use that wallet to submit on-chain transactions whenever invoked.

Why it was flagged

The skill uses a raw wallet private key to create a signing wallet and deploy a token. This gives the skill authority to spend gas and submit transactions from the configured wallet.

Skill content
const wallet = new ethers.Wallet(privateKey, provider);
...
const tx = await contract.deployToken(
Recommendation

Declare the wallet credential explicitly, avoid storing a main-wallet private key in plaintext config, use a dedicated low-balance wallet, and prefer a wallet-confirmation or hardware-signing flow.
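The two findings above (no pre-flight confirmation, and a raw private key with standing authority over the wallet) call for the same fix, so one added example covers both. It is not code from the skill or from ClawScan. The key is read from an environment variable instead of skill.json, a wallet holding more than a small cap is refused on the assumption that it is a main wallet, the chain must be Base mainnet (chainId 8453), every value the transaction commits to is shown, and deployToken is called only after the user retypes the contract address. The provider and contract objects follow ethers v6 method shapes (getNetwork, getBalance, getFeeData, fn.estimateGas) but are injected, with constructed stand-ins so the gate runs offline; the deployToken argument list, the 0.05 ETH cap and the env var name are assumptions.

```javascript
// Added example, not the skill's own code: a pre-flight gate around deployToken.
// The key comes from an environment variable rather than skill.json, a wallet
// whose balance looks like a main wallet is refused, the chain must be Base
// mainnet, every value the transaction commits to is shown, and the call is
// broadcast only after the user retypes the contract address. provider and
// contract follow ethers v6 method shapes (getNetwork, getBalance, getFeeData,
// fn.estimateGas) but are injected so this runs offline. 8453 is Base mainnet;
// the deployToken argument list, the 0.05 ETH cap and the env var name are assumed.
const BASE_CHAIN_ID = 8453n;
const MAX_WALLET_WEI = 50_000_000_000_000_000n; // 0.05 ETH

function formatEth(wei) {
  const whole = wei / 10n ** 18n;
  const frac = (wei % 10n ** 18n).toString().padStart(18, "0").replace(/0+$/, "");
  return frac ? `${whole}.${frac}` : `${whole}`;
}

function loadPrivateKey(env) {
  const key = env.APE_STORE_DEPLOYER_KEY;
  if (!key) throw new Error("APE_STORE_DEPLOYER_KEY unset: keep the key out of skill.json and use a dedicated low-balance wallet");
  if (!/^0x[0-9a-fA-F]{64}$/.test(key)) throw new Error("APE_STORE_DEPLOYER_KEY must be a 0x-prefixed 32-byte hex string");
  return key;
}

// Policy checks kept pure so they are testable without a provider.
function checkNetwork(chainId) {
  if (chainId !== BASE_CHAIN_ID) throw new Error(`wrong network: chainId ${chainId}, expected Base mainnet ${BASE_CHAIN_ID}`);
}
function checkBalance(address, balanceWei, maxCostWei) {
  if (balanceWei > MAX_WALLET_WEI) throw new Error(`${address} holds ${formatEth(balanceWei)} ETH, which looks like a main wallet; use a dedicated deployer`);
  if (maxCostWei > balanceWei) throw new Error(`worst-case gas ${formatEth(maxCostWei)} ETH exceeds balance ${formatEth(balanceWei)} ETH`);
}
// Retyping the contract address forces a look at the value that decides which code receives the call.
function confirmationMatches(typed, contractAddress) {
  return typed.trim().toLowerCase() === contractAddress.toLowerCase();
}

function renderSummary(s) {
  return [
    "About to sign and broadcast (irreversible):",
    `  wallet      ${s.wallet}`,
    `  network     chainId ${s.chainId} (Base mainnet)`,
    `  contract    ${s.contract}`,
    `  token       ${s.name} (${s.symbol}): ${s.description}`,
    `  image       ${s.image}`,
    `  gas         ${s.gasLimit} x ${s.maxFeePerGas} wei = up to ${s.maxCostEth} ETH`,
    "Type the contract address to continue; anything else aborts.",
  ].join("\n");
}

async function preflight({ provider, wallet, contract, contractAddress, token, imagePath }) {
  const { chainId } = await provider.getNetwork();
  checkNetwork(chainId);
  const balance = await provider.getBalance(wallet.address);
  const gasLimit = await contract.deployToken.estimateGas(token.name, token.symbol, token.description);
  const fee = await provider.getFeeData();
  const maxFeePerGas = fee.maxFeePerGas ?? fee.gasPrice; // EIP-1559 fee, legacy gasPrice as fallback
  const maxCostWei = gasLimit * maxFeePerGas;
  checkBalance(wallet.address, balance, maxCostWei);
  return { wallet: wallet.address, chainId, contract: contractAddress, ...token,
           image: imagePath ?? "(none)", gasLimit, maxFeePerGas, maxCostEth: formatEth(maxCostWei) };
}

// confirmFn receives the rendered summary and resolves to the user's reply
// (readline in practice); only a matching reply reaches deployToken.
async function deployWithConfirmation(deps, confirmFn) {
  const summary = await preflight(deps);
  const typed = await confirmFn(renderSummary(summary));
  if (!confirmationMatches(typed, deps.contractAddress)) return { sent: false, summary };
  const tx = await deps.contract.deployToken(deps.token.name, deps.token.symbol, deps.token.description);
  const receipt = await tx.wait();
  return { sent: true, summary, txHash: tx.hash, block: receipt.blockNumber };
}

// Constructed offline stand-ins for the provider and contract; real use passes
// ethers objects here instead. `calls` records every deployToken invocation.
function fakeChain({ chainId = BASE_CHAIN_ID, balanceWei = 10n ** 16n } = {}) {
  const calls = [];
  const deployToken = async (...args) => {
    calls.push(args);
    return { hash: "0x" + "ab".repeat(32), wait: async () => ({ blockNumber: 1 }) };
  };
  deployToken.estimateGas = async () => 2_500_000n;
  return {
    provider: {
      getNetwork: async () => ({ chainId }),
      getBalance: async () => balanceWei,
      getFeeData: async () => ({ maxFeePerGas: 20_000_000n, gasPrice: null }),
    },
    contract: { deployToken },
    calls,
  };
}
```

In real use `wallet` is `new ethers.Wallet(loadPrivateKey(process.env), provider)`, `contract` is the Ape.Store contract connected to that wallet, and `confirmFn` wraps `readline` so the prompt is answered by the user, not by the agent. A hardware or browser-wallet signer can replace the Wallet object without changing the gate, since only `wallet.address` and the contract's signing path are touched.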

What this means

Token details and any selected image are shared with Ape.Store and may be publicly associated with the wallet address.

Why it was flagged

The skill sends the creator address, token metadata, and optional image file to Ape.Store's API. This is expected for the stated purpose, but users should understand the data leaves their machine and may become public token metadata.

Skill content
form.append("creator", creatorAddress);
form.append("name", name);
form.append("symbol", symbol);
form.append("description", description);
...
form.append("image", fs.createReadStream(resolvedPath));
...
fetch("https://ape.store/api/token", {
Recommendation

Only provide metadata and image files intended to be public, and verify the selected image path before running the skill.

What this means

Users may install and run local Node dependencies that were not clearly declared in the registry metadata.

Why it was flagged

The registry metadata says there is no install spec and no required binaries, but the included install guide requires Node.js and npm dependency installation. The package files are present, so this is mainly an under-declared setup/provenance issue.

Skill content
- Node.js installed
...
Open a terminal inside the skill folder and run:
   npm install
Recommendation

Declare Node/npm requirements and install steps in the registry metadata, keep dependencies pinned with a lockfile, and review package provenance before installation.