ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sally AI

Chat with Sally about metabolic health, blood sugar, A1C, nutrition, fasting, supplements, and lab results. Uses the Sally MCP server on Smithery with x402 m...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
5 · 575 · 2 current installs · 2 all-time installs
bySally Labs@sally-labs
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Requiring the smithery CLI and an x402 wallet is consistent with the skill's stated micropayment-based design for a paid chat service. Asking the user to register an MCP endpoint with Smithery aligns with that purpose. However, the way the private key is delivered (embedded in the mcp add URL/command) is not a necessary or standard practice for a chat-only skill and raises concerns.
!
Instruction Scope
SKILL.md explicitly instructs users to include their wallet private key in the smithery mcp add command (as a URL query parameter). That exposes the private key to shell history, process listings, and possibly logs. The README claims 'Clawbot never sees your private key' and that Smithery stores it encrypted, but the instructions grant Smithery full custody of the private key — this is broader scope than a typical chat skill and is a sensitive, high-risk action.
Install Mechanism
Install uses npm formula @smithery/cli@latest to create the smithery binary. Installing a CLI from the npm registry is a common pattern (moderate risk). Using the @latest tag is convenient but less reproducible and could introduce unexpected updates; no obscure download URLs are present.
!
Credentials
The skill declares no required env vars, yet the runtime instructions require you to hand over a private key to an external service. Requesting a wallet private key (sensitive credential) is disproportionate for a chat skill unless the payment design truly requires key custody. The documentation does not offer safer alternatives (e.g., local signing, hardware wallet, remote signing via OAuth) and exposes the key in command-line form.
Persistence & Privilege
The skill is not always-enabled, requests no config paths, and does not ask to modify other skills. It does rely on a third-party cloud (Smithery) to store keys, but the skill itself does not request elevated persistent platform privileges.
What to consider before installing
This skill’s payment model (Smithery + x402) can be legitimate, but do not paste your wallet private key into a command or URL unless you fully trust Smithery and understand the risks. Command-line/private-key exposure can leak via shell history, process lists, CI logs, or backups. Before installing/use: (1) Confirm Smithery and the Sally MCP source code (the GitHub repo) are trustworthy and review how Smithery stores and uses keys. (2) Prefer safer signing options (smithery auth login, hardware wallet, remote signing, or ephemeral wallets) instead of embedding a raw private key. (3) If you must proceed, create a dedicated hot wallet with minimal funds as the skill advises and pin the smithery CLI to a specific, reviewed version instead of @latest. (4) Consider testing with an empty/low‑value wallet first and monitor chain transactions. If you are not comfortable with Smithery having custody of a private key, do not install or use this skill.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.4
Download zip
latestvk971tf84kfs438w7k51g785v4x81w3da

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🩺 Clawdis
Binssmithery

Install

Install Smithery CLI (npm)
Bins: smithery

SKILL.md

Sally AI

Chat with Sally about metabolic health via chat-with-sally MCP tool. Requires Smithery setup with x402 wallet.

Setup (once)

Important: This setup stores your private key only in Smithery's cloud. Clawbot never sees or has access to your wallet private key.

Step 1: Login to Smithery

smithery auth login

Step 2: Add Sally AI MCP connection

smithery mcp add "sally-labs/sally-ai-mcp?privateKey=0xYOUR_PRIVATE_KEY" \
  --id sally-ai \
  --force

Replace 0xYOUR_PRIVATE_KEY with your dedicated wallet's private key (must include 0x prefix).

Security Note: Your private key is stored encrypted in Smithery's cloud, NOT on your local machine. Clawbot communicates with Smithery's API but never accesses your private key.

Step 3: Verify connection

smithery tool call sally-ai chat-with-sally '{"message": "What is metabolic health?"}'

Quick Start

Use chat-with-sally tool with {"message": "user's question"}:

  • Pass the user's message exactly as-is — do not rephrase
  • Extract report.message from the JSON response and present it to the user
  • Preserve any citations Sally includes

Scope

  • Blood sugar, A1C, insulin resistance, glucose management
  • Nutrition, glycemic index, meal planning, food science
  • Fasting, intermittent fasting, time-restricted eating
  • Supplements (berberine, chromium, magnesium)
  • Lab results (A1C, fasting glucose, lipid panels)
  • Exercise, sleep, circadian rhythm and metabolic effects

Security & Privacy

Clawbot never sees your private key. Your wallet private key is stored only in Smithery's cloud and accessed via authenticated API calls.

How It Works

Clawbot → Smithery API → Sally MCP
         (API auth)    (uses stored private key)
  1. Setup: You configure the connection once with your private key
  2. Storage: Private key stored encrypted in Smithery's cloud
  3. Usage: Clawbot calls Smithery's API (authenticated by your Smithery account)
  4. Execution: Smithery uses your stored private key to sign x402 transactions
  5. Isolation: Clawbot never has access to your wallet private key

Private Key Best Practices

  • Use a dedicated hot wallet: Create a separate wallet just for Sally AI
  • Limit funds: Keep only $5-10 in this wallet
  • Never use your main wallet: Protect your primary assets
  • Monitor transactions: Check Base blockchain explorer regularly

Data Flow

  • User messages sent to Sally's backend (api-x402.asksally.xyz) via Smithery MCP
  • Sally processes questions and returns responses with citations
  • No personal health data collected or stored (knowledge-focused mode)
  • Each interaction logged on-chain (Base network) as transparent payment record

Why x402 Design

  • Eliminates API key management — your wallet is your identity
  • Micropayments ensure fair usage without subscriptions or rate limits
  • On-chain transparency means every payment is auditable
  • Smithery is a trusted MCP registry (used by Claude, OpenClaw, and other platforms)

Verification

Notes

  • Knowledge-focused endpoint — no personal health data collection
  • Does not analyze food photos through this tool
  • Each call costs a small x402 micropayment from your wallet
  • Do not add your own medical commentary to Sally's responses
  • Sally is not a doctor — always recommend consulting a healthcare professional

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…