Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Cast
v0.1.1
Skill for managing EVM wallets, transactions, and network helpers via cast; covers onboarding, checks, and operating procedures.
⭐ 0 · 1.3k · 1 current · 1 all-time
byte_za@tezatezaz
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
High confidence
Purpose & Capability
The code and scripts align with the stated purpose (managing EVM wallets via cast). However, the registry metadata declares no required binaries or environment variables, while the scripts clearly require cast/foundry, curl, python3 and optionally at. That mismatch is a material omission and should be corrected, or at least understood, before installing.
Instruction Scope
SKILL.md and the scripts instruct the agent to run onboarding scripts that create or import keys, save mnemonic and password files under ~/.agent-wallet, and run automatic readiness checks each session. These instructions include storing secrets on disk and performing system actions without further explicit user confirmation (e.g., running check_wallet automatically on session start). The guidance also tells the agent to avoid surfacing script internals to the user, which reduces transparency.
Install Mechanism
The onboarding script installs Foundry by piping a remote URL into bash (curl -L https://foundry.paradigm.xyz | bash). Executing a remote installer directly is high-risk: whatever the server returns, or whatever replaces it in transit or after a compromise of that host, runs with the user's privileges. The scripts also attempt to install the at utility via apt with sudo when it is missing. There is no signed or pinned release artifact, so arbitrary remote code execution is possible during install.
Credentials
The skill requests no environment variables in metadata but writes secret material to disk: it saves mnemonic files (temporarily) and saves the keystore password in plaintext in ${HOME}/.agent-wallet/pw.txt by default (state_set SAVE_PASSWORD set to 'y'), and copies keystore files from Foundry's keystore directory. It also touches a workspace logs file (logs/tx_mentions.log) when removing a wallet. These are highly sensitive operations; they are proportionate to what a wallet tool has to do, but they carry substantial confidentiality risk and should be explicitly disclosed to users.
Persistence & Privilege
always:false (good). The SKILL.md instructs the agent to run a readiness check automatically each session, and the skill is allowed to be invoked autonomously (disable-model-invocation:false). That combination increases the chance that the skill will access local state or the keystore without a separate explicit user trigger. This is not forbidden, but users should know that the agent may run the check_wallet script automatically.
What to consider before installing
This skill is functionally consistent with a local wallet helper, but it performs sensitive operations and installs code from the network. Before installing or running it:
1) Inspect the scripts locally (especially 01_install_cast.sh and 02–03) and confirm you are comfortable with their behavior.
2) Do not enter real mnemonics or private keys until you have audited the code; test with a throwaway/test wallet first.
3) Be aware that the installer uses curl | bash to run Foundry's remote installer; prefer to install Foundry yourself from a verified source before running the skill.
4) The skill saves the keystore password in plaintext in ~/.agent-wallet/pw.txt and writes mnemonic backups to ~/.agent-wallet (it attempts to schedule their deletion via at, so that cleanup depends on at being installed and its daemon running); treat this as a security risk.
5) The removal script will attempt to scrub mentions from workspace logs; confirm the workspace path and take backups before trusting automatic cleanup.
6) If you plan to use real value, prefer hardware wallets or a manual flow that never writes cleartext mnemonics or passwords to disk.
7) If you still want to try it, run the skill inside a disposable VM/container and verify that foundry.paradigm.xyz is the expected, legitimate installer URL and that the content it serves is what you reviewed.
Like a lobster shell, security has layers — review code before you run it.
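As an added example (not the skill's own scripts and not ClawHub's scanner), the following POSIX shell script does the kind of local review that the install-mechanism and credentials findings and checklist items 1, 3, 4 and 5 call for: it greps a skill's script directory for the risk classes the scan names (a remote installer piped into a shell, sudo, secrets written under ~/.agent-wallet, jobs scheduled with at, log edits) and checks whether a secret file such as pw.txt is readable by anyone other than its owner. The pattern list, the class names and the sample onboarding script it audits are constructed for this example; the sample is written to a temporary directory and only grepped, never executed.

```shell
#!/bin/sh
# Added example, not part of the Cast skill or of ClawHub's scanner.
# Pre-install audit of a skill's script directory plus a permission check
# for any secret file the skill has already written.

# audit_skill_dir DIR
# Prints one line per match as "<class>:<file>:<lineno>:<text>".
# The class names and regexes below are this example's own; extend them
# for the skill you are reviewing. Each heredoc line is "label regex".
audit_skill_dir() {
    dir=$1
    while read -r label regex; do
        grep -rEn -- "$regex" "$dir" </dev/null 2>/dev/null | sed "s|^|$label:|"
    done <<'EOF'
remote-exec (curl|wget)[^|]*[|][[:space:]]*(ba|z)?sh
privilege (^|[^[:alnum:]_])sudo([^[:alnum:]_]|$)
plaintext-secret (pw\.txt|mnemonic|private[_-]?key)
scheduled-job (^|[|;&])[[:space:]]*at[[:space:]]
log-tamper (sed[[:space:]]+-i|>[[:space:]]*[^[:space:]]*\.log)
EOF
    return 0
}

# risk_classes DIR
# Distinct classes that fired, sorted and space-separated (empty if none).
risk_classes() {
    audit_skill_dir "$1" | cut -d: -f1 | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# secret_file_exposed FILE
# Exit 0 if FILE exists and is readable by its group or by others,
# i.e. a pw.txt or mnemonic backup that is not owner-only (0600).
secret_file_exposed() {
    [ -e "$1" ] || return 1
    [ -n "$(find "$1" \( -perm -004 -o -perm -040 \) -print 2>/dev/null)" ]
}

# demo
# Build a constructed sample that mimics the patterns the scan describes
# (this is NOT the skill's real 01_install_cast.sh), audit it, clean up.
demo() {
    tmp=$(mktemp -d)
    cat > "$tmp/01_install_cast.sh" <<'EOF'
#!/bin/bash
# constructed sample for the audit; written to disk, never executed
curl -L https://foundry.paradigm.xyz | bash
command -v at >/dev/null 2>&1 || sudo apt-get install -y at
mkdir -p "$HOME/.agent-wallet"
printf '%s\n' "$KEYSTORE_PASSWORD" > "$HOME/.agent-wallet/pw.txt"
echo "rm -f $HOME/.agent-wallet/mnemonic.txt" | at now + 10 minutes
sed -i '/0x/d' logs/tx_mentions.log
EOF
    audit_skill_dir "$tmp"
    echo "classes: $(risk_classes "$tmp")"
    rm -rf "$tmp"
}

demo
```

Run it as-is to see the audit of the constructed sample, or call `audit_skill_dir` on the unpacked skill directory and `secret_file_exposed "$HOME/.agent-wallet/pw.txt"` after a trial run on a throwaway wallet. A hit is a prompt to read the surrounding lines, not a verdict; a clean run only means none of these patterns appeared.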
latest: vk97861m24rba773e8p8pnmcwen80jnxx
