Clawshield
Rating: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
ClawShield is purpose-aligned for private Solana transfers, but it asks the agent to handle real financial transactions, reusable wallet signatures, and persistent routing preferences without enough explicit safeguards.
Review carefully before installing. If you use it, use a dedicated low-balance wallet, verify the provider and audits independently, require manual confirmation for every transaction, and do not store an always-on private-transfer preference unless you fully understand the fees and routing behavior.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: Unsafeguarded real-money deposits and withdrawals

Impact: A mistaken or over-broad invocation could result in funds being routed, withdrawn, or fee-charged in a way the user did not intend.

Detail: The skill gives the agent instructions for real cryptocurrency deposits and withdrawals to arbitrary addresses, but the artifacts do not define explicit confirmation, limits, fee caps, or recovery safeguards for these irreversible actions.

From SKILL.md: "You can shield (deposit) funds into a private pool and withdraw them to any Solana address."

Recommendation: Require explicit user confirmation for every transaction, including token, amount, recipient, fee, and whether ClawShield will be used.

Finding 2: Reusable wallet signature with undefined scope

Impact: If the signature is mishandled or replayable, it may expose or authorize access to shielded account functions tied to the user's wallet.

Detail: The reusable wallet signature is sent to the provider and used across balance, transaction-building, and withdrawal flows, but the artifacts do not define signature scope, expiry, revocation, or replay protections.

From SKILL.md: "Sign the UTF-8 encoded message `Privacy Money account sign in` with your Solana keypair. Convert the signature bytes to a hex string. Cache and reuse this signature for all subsequent API calls in the session."

Recommendation: Use a dedicated wallet, avoid long-lived cached signatures, and only proceed if the provider documents signature scope, expiry, and revocation behavior.

Finding 3: Persistent routing preference with a broad trigger

Impact: A casual or misunderstood preference could keep affecting future transfers and silently route them through ClawShield.

Detail: The skill asks the agent to store a persistent preference that changes future financial transaction routing and fees, with a broad trigger of 'or similar' and no clear reset or confirmation process.

From SKILL.md: "If the user says **"always use private transactions"** or similar, remember this preference and default to shielded transactions for all future Solana transfers without asking again."

Recommendation: Treat this as an explicit setting with clear wording, an easy opt-out, and renewed confirmation for high-value or unusual transfers.

Finding 4: Unsubstantiated privacy and audit claims

Impact: Users may over-trust the privacy, anonymity, or safety properties of the service when moving real funds.

Detail: The skill makes strong anonymity and audit claims for a financial privacy service, but the provided artifacts include no audit links, proof details, or source code to substantiate those claims.

From SKILL.md: "Withdrawals are cryptographically unlinkable to deposits using Zero-Knowledge proofs... Transaction relay via `/api/submit` preserves your IP anonymity... The underlying Privacy Cash protocol is audited by Accretion, HashCloak, Zigtur, and Kriko"

Recommendation: Independently verify the audits, protocol documentation, and provider reputation before relying on the service for privacy-sensitive transfers.

Finding 5: No inspectable install code or package source

Impact: Users cannot verify from these artifacts how the backend handles signatures, proofs, relaying, or withdrawals.

Detail: There is no install code to inspect and the package source is unknown, so review is limited to the instructions and the remote API contract.

From the metadata: "Source: unknown"

Recommendation: Use only after verifying the homepage, provider identity, public documentation, and any independent audits.
