Vincent - A secure wallet for your agent
Warn. Audited by ClawScan on May 10, 2026.
Overview
This skill openly provides a crypto wallet for agents, but it gives the agent persistent authority to move funds, swap tokens, sign messages, and interact with smart contracts, while disclosing little about how that authority is scoped or approved.
Review this skill carefully before installing. It is not shown to be malicious, but it can let an agent perform irreversible crypto actions. Use it only with a wallet holding small funds, strict spending and destination policies, protected API-key storage, and explicit human approval for every transfer, swap, raw signature, arbitrary contract call, or bet.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1

A mistaken or manipulated agent action could transfer funds, swap assets, sign messages, or place bets, potentially causing irreversible financial loss.
These are high-impact financial and signing capabilities. The artifacts disclose them, but do not clearly require user approval for each transaction or define bounded default limits.
Evidence (SKILL.md): "Use this skill to safely create a wallet the agent can use for transfers, swaps, and any EVM chain transaction. Also supports raw signing and Polymarket betting."
Recommendation: Use only with strict wallet policies, spending caps, allowlisted destinations/contracts, preview-before-execute workflows, and explicit user approval before any transaction, signature, or bet.

Finding 2

The agent could call risky or malicious smart contracts, grant token approvals, or trigger irreversible on-chain effects if the request or contract data is wrong.
Arbitrary smart-contract calldata is a broad escape-hatch capability that can bypass safer, task-specific workflows and interact with unknown contracts.
Evidence (SKILL.md, section "6. Send Arbitrary Transaction"): "Interact with any smart contract by sending custom calldata."
Recommendation: Disable arbitrary transaction sending by default, or require human review of destination, calldata, chain, value, and token approvals before submission.

Finding 3

Anyone or any agent process with access to this token may be able to operate the wallet within its policies.
The Bearer token is persistent delegated authority for wallet operations, but the registry metadata declares no primary credential or required credential contract.
Evidence (SKILL.md): "All API requests require a Bearer token (the API key returned when creating a wallet). If you're an openclaw instance, store and retrieve it from `~/.openclaw/credentials/agentwallet/<API_KEY_ID>.json`."
Recommendation: Declare the credential requirement, store the token with restrictive permissions, support revocation and rotation, and scope each token to minimal chains, amounts, contracts, and actions.

Finding 4

A user may underestimate the authority granted to the agent if they focus only on private-key protection.
This safety framing is relevant and may be true, but users should not equate private-key non-exposure with no risk, because the agent still receives an API key capable of wallet actions.
Evidence (SKILL.md): "**The agent never sees the private key.** All transactions are executed server-side through a smart account. The wallet owner controls what the agent can do via configurable policies."
Recommendation: Clearly explain that the API key is powerful delegated wallet access and show the exact policies, spending limits, and approval requirements before use.

Finding 5

Users have less information to verify the provider and operational security of a service that can affect crypto assets.
There is no local code to review, and the skill depends on a remote financial service, so the lack of source/homepage provenance is important context for users.
Evidence (registry metadata): Source: unknown; Homepage: none.
Recommendation: Verify the provider, domain, documentation, and revocation process before funding or authorizing the wallet.
