Nansen Wallet Keychain Migration

Security checks across malware telemetry and agentic risk

Overview

This skill has a coherent wallet-migration purpose, but it repeatedly tells the agent to expose wallet private keys and handle wallet passwords in ways that could leak funds-controlling secrets.

Review carefully before installing. Use this only if you understand that wallet passwords and private keys may appear in agent-visible command output or logs. Prefer a safer workflow where the user runs any password or private-key commands directly in a local terminal, and avoid export-based verification unless output is suppressed or redacted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: High
Confidence: 98%
Finding:
The skill instructs agents to run `nansen wallet export default` as a verification step even though the output may contain decrypted private keys. Using secret export as a routine health check unnecessarily exposes highly sensitive wallet material to the agent session, logs, terminal capture, or downstream tooling.

Ssd 3

Severity: High
Confidence: 99%
Finding:
These lines explicitly normalize success criteria as "shows private keys," which directs the agent to reveal the most sensitive wallet secrets during migration validation. Once exposed, private keys can enable irreversible theft of funds and may persist in logs, transcripts, or memory.

Ssd 3

Severity: High
Confidence: 99%
Finding:
The repeated post-migration workflow again requires `nansen wallet export default`, reinforcing a dangerous pattern of exporting decrypted wallet secrets after keychain migration. Repetition makes accidental secret disclosure more likely and operationalizes sensitive key extraction as standard practice.

Credential Access

Severity: High
Category: Privilege Escalation
Content:
> "Your wallet password is currently stored in ~/.nansen/.env, which is insecure.
> I can migrate it to your OS keychain. Please confirm the password you used when
> creating the wallet, or I can read it from ~/.nansen/.env if you authorize it."

**Step 2 — Migrate:**
Confidence: 90%
Finding: .env

Credential Access

Severity: High
Category: Privilege Escalation
Content:
- **NEVER store the password** in files, memory, logs, or conversation history
- **NEVER use `--human` flag** — interactive prompts break agents
- If the human authorizes reading `~/.nansen/.env`, read it in the same command
  (`source ~/.nansen/.env && nansen wallet secure`) — do not echo or log the value
- **ALWAYS verify after migration** with `nansen wallet export default` — `wallet show` does NOT prove the password works (it never loads the password)
Confidence: 89%
Finding: .env

VirusTotal

65/65 vendors flagged this skill as clean.