Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fund
v0.1.0
Add money to the wallet. Use when you or the user want to fund, deposit, top up, load, buy USDC, add funds, onramp, or get USDC. Also use when the wallet has insufficient balance for a send or trade operation, or when someone asks "how do I get USDC?"
by @0xrag
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (fund/top up/get USDC) match the SKILL.md. All declared commands (npx awal status/show/address/balance) and the Coinbase Onramp flow are coherent with a wallet-funding purpose. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
Runtime instructions are narrowly focused on checking auth, opening the wallet UI, selecting amount/payment method, and checking balance afterward. The instructions do not ask the agent to read arbitrary files, access unrelated environment variables, or transmit data to unexpected endpoints. It references an external authenticate-wallet skill for auth, which is appropriate.
Install Mechanism
There is no static install spec, but the instructions call 'npx awal@latest ...' which will fetch and execute code from the npm registry at runtime. That is expected for a CLI-based wallet companion, but it carries the usual risk of executing remote package code (especially using @latest). Consider pinning a specific version or auditing the 'awal' package source before running.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. That is proportional to the described purpose. The SKILL.md also does not attempt to read secrets or other environment values.
Persistence & Privilege
always is false and the skill is user-invocable; disable-model-invocation is false (normal). The skill does not request permanent presence or system-wide configuration changes. Allowed-tools limit the agent to a small set of npx commands, though those commands will execute remote code.
Assessment
This skill is coherent with its purpose and doesn't ask for credentials, but it runs 'npx awal@latest' which downloads and executes an npm package at runtime. Before using: (1) verify and audit the 'awal' package and its publisher (avoid blindly running @latest); (2) consider pinning to a known-good version; (3) run in a trusted environment (not a shared server) and confirm wallet address before receiving funds; (4) prefer official wallet/onramp apps or browser flows if you don't trust executing remote CLI code. If you need higher assurance, request the package source or a reproducible install artifact to review first.
Like a lobster shell, security has layers — review code before you run it.
