Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Virtuals

v1.0.0

Virtuals Protocol integration for OpenClaw. Create, manage and trade tokenized AI agents on Base.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name and description claim a Virtuals Protocol CLI for Base L2, and the code implements exactly that (ethers.js, Base RPC, token contract address, market data). However, SKILL.md contains a '⚠️ TESTNET ONLY for now' warning while the code uses BASE_RPC = 'https://mainnet.base.org' and a contract address labelled 'Base Mainnet' — this inconsistency could cause users to unintentionally operate on mainnet.
Instruction Scope
Runtime instructions and code only perform CLI operations (price, agents list, balance, create, config). The config command stores the wallet address and private key in ~/.openclaw/virtuals/config.json, and the code reads and writes that file. There are no instructions that exfiltrate data to unknown endpoints, but storing private keys locally (even with restrictive file permissions) is sensitive, and SKILL.md encourages configuring a private key. The code also calls https://api.virtuals.io and CoinGecko; these network calls are expected for the stated purpose.
Install Mechanism
No remote archive downloads or obscure installers. The repo uses standard npm dependencies (axios, ethers, commander) and the SKILL.md instructs npm install && npm run build && npm link — a normal Node.js install flow. package-lock.json lists public npm packages.
Credentials
The skill requests no environment variables, which is consistent, but it requires the user to provide a private key via the CLI which is then stored in plaintext JSON at ~/.openclaw/virtuals/config.json (file mode set to 0o600). While a private key is needed to sign transactions, storing it unencrypted in a skill-managed file is sensitive and not clearly justified; the skill does not offer alternative secure signing methods (e.g., hardware wallet, external signer, or encrypted keystore).
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It creates a config directory under the user's home (~/.openclaw/virtuals) and persists configuration there — normal for a CLI but worth noting since it stores sensitive keys locally.
What to consider before installing
Before installing or running this skill:
(1) Confirm the source and its trustworthiness: registry metadata lists the source as unknown and gives no homepage, even though SKILL.md references virtuals.io. Prefer skills with verifiable upstream repos.
(2) Do not paste your mainnet private key into the CLI unless you understand the risk: the skill stores the key in plaintext JSON at ~/.openclaw/virtuals/config.json (file perms 600). Use a throwaway/test wallet or a hardware/external signer if possible.
(3) Verify whether you intend to work on testnet or mainnet: SKILL.md warns 'TESTNET ONLY' but the code points to mainnet.base.org and a mainnet contract address; this mismatch could cause accidental mainnet transactions and fund loss.
(4) Inspect and verify the contract addresses and RPC endpoints hard-coded in the code before using trading/creation commands.
(5) If you need full assurance, ask the publisher for source provenance, or request that the skill implement secure signing (external signer/hardware-wallet integration) and explicitly support a testnet RPC option.




Runtime requirements

🎭 Clawdis
