Verdikta Bounties Onboarding

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is transparent about being a crypto hot-wallet bounty bot, but it gives the agent automated authority to sign blockchain transactions and spend wallet funds, so it deserves careful review before use.

Install only if you are comfortable giving this skill a dedicated low-balance crypto hot wallet. Do not import your primary wallet, verify the configured Verdikta URLs before signing or swapping, review any files before submission, and consider using manual flows for high-value transactions.

Static analysis

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

Env credential access (reported three times)

Critical
Finding
Environment variable access combined with network send.

VirusTotal

65/65 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the configured API endpoint, config file, or returned transaction data is wrong or compromised, the bot wallet could sign an irreversible transaction that spends or moves whatever funds that wallet holds.

Why it was flagged

The script fetches transaction data from the configured API and passes it directly to the transaction-sending helper for wallet signing and broadcast.

Skill content
fetch(`${baseUrl}/api/jobs/${jobId}/submissions/${submissionId}/finalize`, ...); ... sendTx(signer, 'finalizeSubmission', finalizeData.transaction)
Recommendation

Use only a dedicated low-balance bot wallet, verify VERDIKTA_BOUNTIES_BASE_URL/RPC settings before running, and prefer manual review or publisher-added allowlists for transaction destination, chainId, value, and calldata.
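Added example, not code from the skill or from ClawScan: a guard in the shape of the sendTx(signer, name, tx) call that checks an API-returned transaction against a local allowlist for destination, chainId, value and calldata selector before anything is signed. The transaction field names follow the usual EVM JSON-RPC shape; the chain id, contract address and function selector in the allowlist are constructed placeholders, not Verdikta's real values, and sendTx and signer are assumed interfaces.

```javascript
// Added example, not the skill's own code: refuse to sign an API-returned
// transaction unless it matches a local allowlist. All allowlist values are
// constructed placeholders (assumptions), not Verdikta's real contract or chain.

const ALLOWLIST = {
  chainId: 8453,                                                      // assumed target chain
  contracts: new Set(['0x1111111111111111111111111111111111111111']), // hypothetical bounty contract
  selectors: new Set(['0xa1b2c3d4']),                                 // hypothetical finalizeSubmission selector
  maxValueWei: 0n,                                                    // bounty calls carry no native value
};

function normalizeHex(h) {
  return typeof h === 'string' ? h.toLowerCase() : '';
}

// Returns { ok: true } or { ok: false, reason }. Never throws on malformed input,
// so a hostile or broken API response cannot crash the bot into an unknown state.
function checkTransaction(tx, allow = ALLOWLIST) {
  if (!tx || typeof tx !== 'object') return { ok: false, reason: 'tx is not an object' };

  const to = normalizeHex(tx.to);
  if (!/^0x[0-9a-f]{40}$/.test(to)) return { ok: false, reason: 'malformed to address' };
  if (!allow.contracts.has(to)) return { ok: false, reason: `destination ${to} not allowlisted` };

  // chainId may arrive as a number, a decimal string or a 0x-hex string.
  if (Number(tx.chainId) !== allow.chainId) return { ok: false, reason: `chainId ${tx.chainId} not allowed` };

  let value;
  try { value = BigInt(tx.value ?? 0); } catch { return { ok: false, reason: 'malformed value' }; }
  if (value < 0n || value > allow.maxValueWei) return { ok: false, reason: `value ${value} exceeds limit` };

  const data = normalizeHex(tx.data);
  if (data.length < 10 || !/^0x([0-9a-f]{2})*$/.test(data)) return { ok: false, reason: 'malformed calldata' };
  const selector = data.slice(0, 10); // "0x" + 4-byte function selector
  if (!allow.selectors.has(selector)) return { ok: false, reason: `selector ${selector} not allowlisted` };

  return { ok: true };
}

// Drop-in wrapper around a sendTx(signer, name, tx) helper (assumed interface):
// the helper is only reached when the allowlist check passes.
async function guardedSendTx(sendTx, signer, name, tx) {
  const verdict = checkTransaction(tx);
  if (!verdict.ok) throw new Error(`refusing to sign ${name}: ${verdict.reason}`);
  return sendTx(signer, name, tx);
}
```

The check runs on the exact object that would be signed, after it has been fetched, so a substituted endpoint or a tampered response still cannot steer the wallet to another contract, chain or function; widening the allowlist is a deliberate local edit rather than something the remote side can do.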

What this means

Anyone who can access the keystore and password can potentially use the bot wallet; the agent can also use the stored API key to act as the registered bot.

Why it was flagged

The skill deliberately reads sensitive wallet configuration and password material from a persistent local config file.

Skill content
"path": "~/.config/verdikta-bounties/.env", "fields": ["VERDIKTA_WALLET_PASSWORD", "VERDIKTA_NETWORK", "VERDIKTA_BOUNTIES_BASE_URL", "VERDIKTA_KEYSTORE_PATH"], "sensitive": true
Recommendation

Do not import a main wallet. Use a separate hot wallet with minimal funds, keep the config directory private, and rotate/remove the API key and wallet if you uninstall or stop using the skill.

What this means

Files submitted as bounty work may leave the local machine and become available through the platform/IPFS workflow, so sensitive or private files should not be submitted accidentally.

Why it was flagged

Submitting work sends user-selected files to the Verdikta API and IPFS as part of the bounty workflow.

Skill content
## Submit work (upload to IPFS)

`POST /api/jobs/:jobId/submit`

Upload raw files — do NOT zip them yourself.
Recommendation

Only submit files intentionally prepared for the bounty. Review file paths before running submit_to_bounty.js and avoid secrets, credentials, private source, or personal data unless you are comfortable publishing them.

What this means

Running onboarding executes local JavaScript helper code in addition to the interactive setup.

Why it was flagged

The static scan shows onboard.js spawning a bundled Node helper process, likely for the documented smoke test.

Skill content
const p = spawn(process.execPath, ['bounty_worker_min.js'], {
Recommendation

Run onboarding only from a trusted copy of the skill and review scripts before granting wallet funds.

What this means

The install source and npm dependency resolution affect what code runs locally with access to the wallet configuration.

Why it was flagged

The documented manual install path pulls from GitHub and installs Node dependencies.

Skill content
git clone https://github.com/verdikta/verdikta-applications.git /tmp/verdikta-apps ... npm install
Recommendation

Install from the expected repository, inspect package.json/package-lock if available, and avoid running npm install from an untrusted fork or modified checkout.
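Added example, not code from verdikta-applications: an offline audit of a package-lock.json (lockfileVersion 2 or 3, "packages" map) that flags entries resolved outside the expected registry, lacking a sha512 integrity hash, or declaring an install script, so the lock can be questioned before npm install runs with access to the wallet configuration. The lock excerpt is constructed for illustration and says nothing about the real repository's dependencies; the trusted registry URL is an assumption.

```javascript
// Added example, not code from verdikta-applications: audit a package-lock.json
// (lockfileVersion 2 or 3, "packages" map) before running npm install.
// The lock excerpt below is constructed for illustration only.

const TRUSTED_REGISTRY = 'https://registry.npmjs.org/'; // assumption: the only source we expect

// Returns a list of { name, issue } findings; an empty list means nothing looked off.
function auditLockfile(lock, trustedRegistry = TRUSTED_REGISTRY) {
  const findings = [];
  const packages = (lock && lock.packages) || {};
  for (const [name, meta] of Object.entries(packages)) {
    if (name === '') continue;   // the root project entry
    if (meta.link) continue;     // workspace symlink, nothing is downloaded
    const resolved = meta.resolved || '';
    if (!resolved) {
      findings.push({ name, issue: 'no resolved URL, install source is not pinned' });
    } else if (!resolved.startsWith(trustedRegistry)) {
      findings.push({ name, issue: `resolved outside the trusted registry: ${resolved}` });
    }
    if (!/^sha512-[A-Za-z0-9+/]+=*$/.test(meta.integrity || '')) {
      findings.push({ name, issue: 'missing or weak integrity hash' });
    }
    if (meta.hasInstallScript) {
      findings.push({ name, issue: 'declares an install script that runs during npm install' });
    }
  }
  return findings;
}

// Constructed sample lock: one clean entry and three that should be questioned.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-bot', dependencies: { ethers: '^6.0.0' } },
    'node_modules/ethers': {
      version: '6.0.0',
      resolved: 'https://registry.npmjs.org/ethers/-/ethers-6.0.0.tgz',
      integrity: 'sha512-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==',
    },
    'node_modules/helper-fork': {
      version: '1.0.0',
      resolved: 'git+ssh://git@github.com/someone/helper.git#0123456789abcdef',
    },
    'node_modules/native-addon': {
      version: '2.1.0',
      resolved: 'https://registry.npmjs.org/native-addon/-/native-addon-2.1.0.tgz',
      integrity: 'sha512-BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB==',
      hasInstallScript: true,
    },
    'node_modules/old-lib': {
      version: '0.3.0',
      resolved: 'https://registry.npmjs.org/old-lib/-/old-lib-0.3.0.tgz',
      integrity: 'sha1-2jmj7l5rSw0yVb/vlWAYkK/YBwk=',
    },
  },
};
```

Run it over the checkout's package-lock.json after cloning and before npm install; an entry pulled from a git URL or tarball, or one with an install script, is where a modified fork would most easily hide code that later runs beside the wallet keystore.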