Clawdwallet
Warn. Audited by ClawScan on May 10, 2026.
Overview
Clawdwallet is explicitly an agent-controlled crypto wallet, but it lets an agent and an unreviewed extension handle seed phrases and sign transactions without clear safeguards.
Only consider this skill with a dedicated, low-value wallet and after independently reviewing the extension source. Do not import an existing seed phrase with real funds. Keep the WebSocket local and protected, and require explicit human review for every signature or transaction.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent, extension, local gateway, or installed code is compromised or misused, the user's funds could be permanently transferred.
A wallet mnemonic is equivalent to full control over the user's crypto accounts. The supplied artifacts do not clearly limit how the agent or extension stores, uses, or protects this credential.
`{"type": "init_wallet", "mnemonic": "your twenty four words..."}`
Do not import an existing valuable seed phrase. Use a dedicated low-balance wallet, require explicit human approval for every transaction, and verify how the extension stores and protects keys before use.
An agent could approve a malicious or mistaken transaction, token approval, or signature that causes loss of assets or account compromise.
The documented command lets an agent approve a dApp request, including transaction-signing flows shown elsewhere in the same artifact, without documenting enforced limits or mandatory user confirmation.
`{"type": "sign_and_respond", "requestId": "uuid"}`
Require transaction simulation, destination/value display, chain and dApp allowlists, spending caps, and explicit user confirmation before any signing or transaction submission.
A misconfigured or exposed gateway could allow the wrong process or agent to control wallet actions.
The wallet control channel is a WebSocket, but the artifacts do not document authentication, authorization, message origin checks, or per-command permission boundaries for this high-impact interface.
Multi-chain wallet extension your agent controls via WebSocket. ... default: `ws://localhost:3033/clawdwallet`
Use authenticated local-only communication, never expose the WebSocket, restrict which agent can connect, and require user-visible approval for signing commands.
Users would be trusting external, unreviewed extension code with wallet keys and transaction signing authority.
The skill under review contains no code, but instructs users to install and run an external browser-wallet codebase or prebuilt extension without a pinned version or included review evidence.
```bash
git clone https://github.com/NeOMakinG/clawdwallet.git
cd clawdwallet
npm install
npm run build
# Or use pre-built dist/ folder directly
```
Pin a specific audited commit or release, include reviewed source and lockfiles, avoid unverified prebuilt bundles, and verify the extension before giving it any wallet seed or funds.
