Near Multi Account Manager
Warn
Audited by ClawScan on May 10, 2026.
Overview
This wallet skill mostly matches its stated purpose, but it needs review because it stores private keys with an unsafe default, can transfer mainnet funds without a built-in confirmation step, and includes unrelated scripts with a hardcoded API token.
Only use this after you understand that it will store NEAR private keys and can move real mainnet funds. Set a strong NEAR_SKILL_KEY or prefer OS keychain-style storage, remove or ignore the unrelated deliverable scripts, and require manual review before any transfer.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: A mistaken or manipulated agent action could send NEAR from the active or specified account, and blockchain transfers are generally irreversible.
Description: The transfer entrypoint only requires a recipient and amount, then calls NEAR sendMoney; the code shown does not require an explicit user confirmation, spending limit, or review step before moving funds.
Evidence:
    async function transfer({ from, to, amount, note }) { ... if (!to || !amount) ... const result = await account.sendMoney(to, parsedAmount);
Recommendation: Require explicit per-transfer confirmation showing from, to, amount, and network; consider spending limits, and avoid defaulting to an active account for transfers unless the user reconfirms it.
Impact: If the encrypted accounts file is copied or read on a default setup, the stored private keys may be much easier to decrypt, which could compromise the wallets.
Description: The skill stores NEAR private keys and protects them with a built-in default key unless the user sets an environment variable.
Evidence:
    const key = process.env.NEAR_SKILL_KEY || 'default-key-change-in-production'; ... accounts[accountId] = { accountId, privateKey, ... };
Recommendation: Do not use a built-in encryption key for wallet private keys; require a user-supplied passphrase or OS keychain storage, declare the credential requirement clearly, and document key rotation/recovery.
Impact: This does not appear to be part of the wallet workflow, but it exposes a secret and adds unnecessary external-call code to the distributed skill files.
Description: The package includes a runnable helper script unrelated to NEAR account management that calls an external job API with a hardcoded live bearer token.
Evidence:
    hostname: 'market.near.ai', ... 'Authorization': 'Bearer sk_live_iOQS6...'
Recommendation: Remove development or job-submission scripts from the skill package, rotate the exposed token, and keep only documented runtime files needed for the wallet manager.
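A pre-publish check that would have caught this finding, as an added example that is not the skill's code: it walks the files a package would ship, reports anything outside a declared runtime file list, and flags hardcoded bearer-token and live-key literals, redacting the match so the scan output does not itself leak the secret. The file contents are constructed; the hostname and the sk_live_ prefix mirror the finding, while the allowlist, the file names and the token value are invented.

```javascript
// Added example (not the skill's code): a pre-publish scan for undocumented
// files and hardcoded credentials in a skill package. Allowlist and sample
// package contents are constructed for illustration.
const SECRET_PATTERNS = [
  { name: 'live secret key', re: /\bsk_live_[A-Za-z0-9]{4,}/ },
  { name: 'bearer token literal', re: /['"]Bearer\s+[A-Za-z0-9._\-]{8,}['"]/ },
];

// Files a wallet manager legitimately needs (assumed allowlist); anything else
// is reported as an unrelated deliverable for a human to accept or remove.
const ALLOWED_RUNTIME_FILES = new Set(['SKILL.md', 'index.js', 'package.json']);

// Never echo a full secret into scan output; keep just enough to locate it.
function redact(s) {
  return s.length <= 10 ? s : s.slice(0, 10) + '...';
}

// files: { [path]: content }. Returns one finding per undocumented file and one
// per (line, pattern) hit; an env-var lookup is not a literal and is not flagged.
function scanPackage(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    if (!ALLOWED_RUNTIME_FILES.has(path)) {
      findings.push({ path, kind: 'undocumented file' });
    }
    content.split('\n').forEach((line, i) => {
      for (const { name, re } of SECRET_PATTERNS) {
        const m = line.match(re);
        if (m) findings.push({ path, line: i + 1, kind: name, match: redact(m[0]) });
      }
    });
  }
  return findings;
}

// Constructed sample package: the token below is not a real credential.
const SAMPLE_PACKAGE = {
  'SKILL.md': '# Near Multi Account Manager\nManages NEAR accounts.\n',
  'index.js': 'const key = process.env.NEAR_SKILL_KEY;\n',
  'scripts/submit-job.js':
    "const req = https.request({ hostname: 'market.near.ai', " +
    "headers: { 'Authorization': 'Bearer sk_live_EXAMPLEnotreal0000' } });\n",
};
```

Run as a CI step before publishing, a non-empty result from scanPackage fails the build; the same patterns also belong in a pre-commit hook so a development script never reaches the packaged artifact in the first place.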
