Bitagent Skill
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
This skill appears purpose-aligned, but it gives an agent wallet-level authority to launch and trade tokens on BSC using a private key, without clearly documented confirmation or safety limits.
Only install this if you are comfortable letting the skill act with a wallet private key. Use a dedicated low-balance wallet, test on BSC Testnet first, manually verify the network, token address, amount, and transaction details before each action, and review the npm dependencies/source before providing any funded key.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken prompt, wrong token address, wrong network, or autonomous invocation could create a token or trade real assets with the configured wallet.
The skill directs the agent to run commands that perform token deployment and trades, including on BSC Mainnet, but the instructions do not include explicit confirmation, transaction preview, or bounded spend controls.
the agent must **execute** `scripts/index.ts` ... `launch` ... Deploys a new agent token ... `buy` ... Buys ... `sell` ... Sells
Require explicit user confirmation for every transaction, show wallet/network/token/amount/gas before signing, default to testnet, and add spend or slippage limits.
Anyone or anything that can invoke this skill with the configured environment may be able to act as the wallet for BitAgent-related transactions.
The script uses a raw wallet private key from the environment to create an account capable of signing blockchain/authentication actions.
const privateKey = process.env.PRIVATE_KEY; ... const account = privateKeyToAccount(privateKey as `0x${string}`);Use a dedicated low-balance wallet, declare the credential requirement in metadata, avoid storing a primary wallet private key, and prefer a scoped signer or approval-based wallet flow.
Installing or updating dependencies could change code that has access to the configured wallet key.
The CLI depends on external npm packages, including the BitAgent SDK. This is normal for the purpose, but dependency provenance matters because the code handles wallet authority.
"dependencies": { "@bitagent/sdk": "^3.1.4", "dotenv": "^17.2.3", "siwe": "^3.0.0", "viem": "^2.45.1" }Install from a trusted source, use the package-lock file, review dependency changes before updates, and avoid running unreviewed versions with a funded wallet.
Running the skill executes local package code that can access the wallet private key environment variable.
The skill intentionally runs local TypeScript CLI code through npm tooling. That execution is central to the stated purpose, but it means local code runs with access to the configured environment.
Ensure dependencies are installed at repo root (`npm install`). ... `npx tsx scripts/index.ts buy --network <bsc|bscTestnet> ...`
Review the script and dependencies before use, run in an isolated environment, and only provide a dedicated wallet key when needed.