ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ika Cli

v1.0.2

Guide for using the Ika CLI tool for dWallet operations, validator management, system deployment, and network administration. Use when performing CLI-based d...

0· 103·0 current·0 all-time
byOmer Sadika@omersadika
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the runtime instructions and required binaries. The skill documents usage of the `ika` CLI for dWallet and validator operations and explicitly requires the `ika` and `sui` CLIs — both are expected for the stated functionality.
Instruction Scope
SKILL.md is a command reference and examples for running `ika` and mentions deriving encryption keys from the Sui keystore, reading secret-share files, seed files, and optional config paths. These actions are directly related to dWallet operations; there is no instruction to read unrelated system files, exfiltrate data to external endpoints, or perform actions outside the stated domain.
Install Mechanism
This is instruction-only (no install spec). The README suggests installing via Homebrew, GitHub releases, or building from source — all standard install guidance. There is no embedded download-and-extract install script in the skill itself.
Credentials
The skill declares no required environment variables. It does rely on access to local artifacts (Sui keystore, secret-share files, optional config paths) which is proportionate to a CLI that performs signing/key operations. No unrelated credentials or config paths are requested.
Persistence & Privilege
always:false and no install steps mean the skill does not request permanent elevated presence. It does not modify other skills or system-wide config per the provided content.
Assessment
This skill is a documentation/usage guide for the Ika CLI and appears internally consistent. Before using it: 1) Only install/use an ika binary you obtained from the official project (verify GitHub release checksums or build from source) because the CLI will access local secrets. 2) Be aware that the commands will read your Sui keystore, seed/secret-share files, and may submit transactions — only run them on a machine where those secrets are intended to be used. 3) When invoking the agent with this skill, review any auto-run commands (the agent can call the CLI) before allowing them; don’t supply secret files or keys to untrusted third parties. 4) If you need extra assurance, audit the actual ika binary you install (source/build provenance) and confirm Sui CLI is the official release.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f8znhcmkk7hv4277rqj5db183kdnj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔐 Clawdis
Binsika, sui

Comments