Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawdwallet
v0.1.0
Install and control ClawdWallet - a multi-chain Web3 wallet Chrome extension controlled by Clawdbot agents. Use when setting up agent-controlled wallet, connecting to dApps, signing transactions, or managing crypto across 20+ chains (EVM, Bitcoin, Solana, Cosmos). Powered by ShapeShift hdwallet.
⭐ 0 · 1.8k · 7 current · 7 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description (agent-controlled Web3 wallet extension) match the SKILL.md: it documents loading a Chrome extension, a WebSocket control channel, JSON commands for initializing/generating wallets and signing requests, and supported chains. Required capabilities align with the declared purpose.
Instruction Scope
Instructions explicitly direct users/agents to provide raw mnemonics via JSON messages and to accept and act on dApp signature requests. There is no guidance or enforcement of secure key handling (no authenticated or encrypted channel, no mnemonic encryption, no replay/authorization controls). The SKILL.md also instructs cloning and building an external repo and loading a browser extension—actions that expand scope to downloading and executing third-party code and handling sensitive secrets.
Install Mechanism
Although the skill bundle itself contains no install spec, the runtime instructions tell operators to git clone https://github.com/NeOMakinG/clawdwallet.git and run npm install/build. That is a supply-chain risk: pulling and running arbitrary code from an external repo (unknown ownership) and running npm install (which can fetch many third-party packages) is high-risk unless the repo and dependencies are audited and signatures verified.
Credentials
The skill declares no environment variables or credentials, yet its operation requires handling highly sensitive secrets (wallet mnemonic) and a control WebSocket URL. The instructions expect the mnemonic to be sent to the agent/extension, which is a disproportionate exposure of secrets that is not justified or mitigated in the doc (no use of hardware wallets, secure enclaves, wss with auth, or ephemeral key wrapping).
Persistence & Privilege
always is false and there are no install-time changes declared in the skill bundle. However, the SKILL.md asks operators to modify a gateway config to enable the extension and to run and host a WebSocket endpoint locally. That is normal for extension integration but increases attack surface (service running locally that accepts control commands).
What to consider before installing
This skill does what it claims (agent-controlled wallet) but carries notable risks. Before installing or using it:
(1) Do NOT transmit your mnemonic to any agent unless you fully trust and have audited the code.
(2) Review the GitHub repository and its dependency tree; verify commit authorship and use pinned release tags or cryptographic signatures rather than cloning master.
(3) Prefer secure channels: run a locally isolated instance, require TLS/auth for the WebSocket (wss + auth tokens), and restrict access to localhost only.
(4) Consider using a dedicated, funded wallet with minimal funds or hardware wallet integrations instead of exposing high-value mnemonics.
(5) If you lack the ability to audit the repo and dependencies, avoid running npm install/build from an untrusted source.
These mitigations will reduce supply-chain and secret-exfiltration risk.
Like a lobster shell, security has layers — review code before you run it.
latest: vk974rjt5taaxm73z5t40y92jt180e0gn
