Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dashpass
v0.8.1
Encrypted credential vault on Dash Platform for AI agents. Store and retrieve API keys, tokens, and passwords — encrypted on-chain, decryptable only by you....
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match what the files and CLI implement: a Dash Platform-backed encrypted vault. Required binaries (node) and the Evo SDK are consistent with interacting with the Dash Platform and performing client-side crypto. Requesting a wallet WIF and an Identity ID is expected for this design.
Instruction Scope
The SKILL.md and included CLI instruct the agent to read process.env.CRITICAL_WIF and DASHPASS_IDENTITY_ID, create/read files under ~/.dashpass (shares, cache, audit.log), encrypt/decrypt locally, and emit secrets to stdout/`eval` (e.g., `env` and `--pipe`). Those behaviors are required for a vault, but they also make it trivial for an agent that can invoke the CLI to fetch plaintext secrets and/or export them into the environment or other processes. The docs claim human confirmation for critical operations, but that enforcement is implemented only via optional mutual-share flows — not automatically enforced.
Install Mechanism
There is no formal install spec; the skill is instruction-only but includes JS files that import @dashevo/evo-sdk. The README/FAQ tells users to run `npm install @dashevo/evo-sdk@3.1.0-dev.1`. Relying on a dev-tag npm package and requiring the user to install dependencies is a moderate operational risk (supply-chain/typo risk) and should be noted; however, there are no external arbitrary download URLs or extracted archives in the repository.
Credentials
The skill requires CRITICAL_WIF (the vault master private key) and DASHPASS_IDENTITY_ID — both directly relevant. However, CRITICAL_WIF is a high-impact secret: possession equals the ability to decrypt all stored credentials. The SKILL.md and code also reference additional optional env vars (DASHPASS_CONTRACT_ID, DASHPASS_CACHE) that are not listed in the declared requires.env. Requiring the master WIF is proportionate to the vault function but substantially raises the blast radius if given to a skill that can be invoked autonomously.
Persistence & Privilege
The skill does not request 'always: true', and model invocation is allowed (default). That is normal, but combined with the skill's need for the master WIF and the CLI behavior (writes share files, a cache, and an audit.log under ~/.dashpass), an agent that can invoke the skill autonomously could retrieve and exfiltrate secrets without further human action unless you configure mutual confirmation and keep the WIF out of persistent environments. The skill does not modify other skills or global agent config.
What to consider before installing
This skill implements what it says (a Dash-backed encrypted vault), but installing it means giving code access paths and/or an environment variable (CRITICAL_WIF) that is equivalent to a master key for all stored secrets. Before installing:
1) Review the included JS files yourself or have a trusted reviewer confirm there are no hidden network endpoints or exfiltration paths.
2) Do not export your production WIF into a long-lived environment variable on a machine where an autonomous agent can run; use a short-lived, tightly controlled process or hardware-backed key if possible.
3) Prefer initializing the mutual-confirmation 2-of-2 flow and keep one share offline or under human control for critical credentials.
4) Be cautious about running the npm install step for a dev-tag package — verify the exact package/version and install from a trusted registry.
5) Consider using DASHPASS_CACHE=none and a dedicated, isolated machine/user account for the vault to limit blast radius.
If you cannot review the code or accept the risk of handing a master key to a skill that the agent can call autonomously, treat this as high-risk and do not install.
scripts/dashpass-cli.mjs:57
Environment variable access combined with network send.
scripts/dashpass-cli.mjs:39
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Runtime requirements
Bins: node
Env: CRITICAL_WIF, DASHPASS_IDENTITY_ID
