v1.4.1

Verdikta Bounties Onboarding

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:08 AM.

Analysis

This is a disclosed but high-impact crypto hot-wallet skill that can autonomously sign Base transactions and spend or claim funds, so it deserves careful review before use.

Guidance: Only install this if you intentionally want an autonomous crypto bounty bot. Use a new low-balance wallet, start on Base Sepolia, verify the Verdikta API URL and network settings, protect ~/.config/verdikta-bounties, and do not let the bot submit files or sign transactions you have not scoped for this workflow.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
scripts/claim_bounty.js
const finalizeRes = await fetch(`${baseUrl}/api/jobs/${jobId}/submissions/${submissionId}/finalize`, ...); ... const finalizeReceipt = await sendTx(signer, 'finalizeSubmission', finalizeData.transaction);

The script fetches transaction calldata from the configured API and then signs/broadcasts it through the wallet helper, with no artifact evidence of a human confirmation step or recipient/function allowlist in this flow.

User impact: A misconfigured or compromised API endpoint could influence what the bot wallet signs, and legitimate use still involves irreversible gas costs, token approvals, bounty funding, or payout finalization.
Recommendation: Verify VERDIKTA_BOUNTIES_BASE_URL before use, inspect transactions when possible, keep funds limited, and prefer implementations that enforce contract/function allowlists before signing API-provided calldata.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
README.md
git clone https://github.com/verdikta/verdikta-applications.git /tmp/verdikta-apps ... cd ~/.openclaw/skills/verdikta-bounties-onboarding/scripts ... npm install

The install path relies on cloning an external repository and installing Node dependencies, which is expected for this skill but adds supply-chain trust requirements.

User impact: Users are trusting the referenced repository and npm dependency resolution for code that can access a crypto wallet.
Recommendation: Install from a trusted source, review package dependencies, and avoid running npm install from an unexpected fork or modified repository.

Unexpected Code Execution
Severity: Info | Confidence: Medium | Status: Note
scripts/onboard.js
const p = spawn(process.execPath, ['bounty_worker_min.js'], {

The onboarding flow spawns a local Node helper script. The referenced helper is present and described as a read-only open-bounty listing smoke test, so this appears purpose-aligned.

User impact: Onboarding can run additional local script code beyond the top-level command.
Recommendation: Run onboarding only from the expected skill directory and review helper scripts before configuring wallet credentials.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
scripts/_lib.js
const keystorePathRaw = process.env.VERDIKTA_KEYSTORE_PATH; const password = process.env.VERDIKTA_WALLET_PASSWORD; ... const json = await fs.readFile(keystorePath, 'utf-8'); return Wallet.fromEncryptedJson(json, password);

The scripts load a local encrypted wallet using a password from configuration, giving the skill signing authority over the funded bot wallet.

User impact: If installed and configured, the agent can control the bot wallet and authorize blockchain transactions with real funds.
Recommendation: Use only a dedicated low-balance bot wallet, prefer testnet first, do not import a primary wallet, and protect the keystore and password file carefully.