SilkyWay

v1.0.9

Agent banking and payments on Solana. Send and receive stablecoins with cancellable escrow transfers. Optional on-chain accounts with policy-enforced spendin...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (agent banking/payments on Solana) matches the code and SKILL.md. The package is an npm CLI (@silkysquad/silk) that implements wallet creation, escrow transfers, claim/cancel, on-chain accounts, contacts, and a support chat — all coherent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to install and run the 'silk' CLI and references the expected config paths (~/.config/silkyway). The runtime instructions and included code only call the SilkyWay API (api.silkyway.ai / devnet-api.silkyway.ai) and the app web UI (app.silkyway.ai). One inconsistency: the code reads process.env.SILK_API_URL to override the API base, but the skill metadata/requirements do not declare this env var — this allows changing the server the CLI talks to and should be considered by deployers.
Install Mechanism
Install is an npm package (@silkysquad/silk). This is a standard distribution channel for a CLI; risk is moderate but expected for a Node.js CLI. No arbitrary HTTP download/extract install steps are present.
Credentials
The skill declares no required credentials or env vars, which aligns with the functionality. However, the code stores private keys locally (bs58-encoded) in ~/.config/silkyway/config.json in plaintext — expected for a simple CLI but a sensitive practice. Also, the code respects an undocumented SILK_API_URL env var which can redirect API calls to an arbitrary endpoint; that environment override is not described in SKILL.md/metadata and increases attack surface if misconfigured or set maliciously.
Persistence & Privilege
The skill is not always-included and uses normal autonomous invocation defaults. It persists its own config and contacts under ~/.config/silkyway and does not attempt to modify other skills or system-wide settings. Writing local wallet config (including private keys) is expected for a CLI wallet but is a sensitive action — documented in SKILL.md.
Assessment
This skill appears to do what it says (a Solana payments CLI) and uses an expected npm install path, but review these before installing or using with real funds:
- Private keys are stored locally and unencrypted in ~/.config/silkyway/config.json (bs58). Protect that file, avoid syncing it to cloud backups, and restrict filesystem permissions.
- There is an undocumented environment override: setting SILK_API_URL will redirect the CLI to any server. Only set this if you trust the server. A malicious endpoint could respond with crafted payloads or accept signed transactions; the private key itself still stays local, but changing the endpoint can alter transaction flows.
- Verify the npm package origin (publisher, npm page, GitHub repo and releases) before installing globally. Confirm the published package includes the expected dist/cli binary and matches the source repository.
- On first use, prefer devnet (test tokens) to exercise functionality before using mainnet with real USDC.
- If you need stronger protection, consider using an encrypted key store or hardware signer rather than keeping raw secret keys in a plaintext config file.

If you want, I can: (1) list exact files that hold private keys/config, (2) show the calls that use SILK_API_URL, or (3) draft a short checklist to harden local config and permissions before use.

Like a lobster shell, security has layers — review code before you run it.

latest: vk979snrrg33a5pfpx80wrc4yad818snx


Runtime requirements

Bins: silk

Install

Silk CLI: npm i -g @silkysquad/silk
