Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Skill v0.1.3: Pay USDC to stay alive. Dead agents fund the living. Survival game on Base.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The SKILL.md behavior (manage a self-custodial wallet, register an on-chain identity, heartbeat/pay in USDC, kill/claim on Base) is consistent with the 'Last AI Standing' description. However, the manifest declares no required environment variables or primary credential even though the runtime instructions clearly require a private key (BASE_PRIVATE_KEY) and a Base RPC; that mismatch is unexpected.
Instruction Scope
The instructions tell the agent/human to generate or export a private key (BASE_PRIVATE_KEY), manage real funds, perform swaps, auto-approve USDC allowance (maxUint256), and run arbitrary CLI commands (npx las). These actions are within the game's purpose but involve highly sensitive operations (private key use, unlimited token approvals) and grant the runtime broad discretion to move funds. The README admonitions about never sharing the private key do not mitigate the risk of running unverified code that uses that key.
Install Mechanism
There is no install spec in the registry entry, but SKILL.md's allowed-tools recommend running 'npx last-ai-standing-cli@latest' (and implicitly 'las'). Using npx@latest fetches and executes the newest package from npm at runtime (supply-chain risk), and the package is unpinned (no fixed version). That creates a high-risk execution path because arbitrary code from the npm registry would be run with access to the wallet key and funds.
Credentials
The manifest declares no required env vars or primary credential, yet the instructions require storing BASE_PRIVATE_KEY and likely a Base RPC endpoint; this omission is a significant mismatch. Requiring a private key (and recommending storing it in an env var) is proportionate to managing an on-chain wallet for the game's purpose — but the manifest should explicitly declare that. Also, the automatic approval to maxUint256 is disproportionate to most needs and increases the blast radius if the CLI or package is compromised.
Persistence & Privilege
The skill is not marked always:true and has no install spec that persists code on disk via the registry metadata. Autonomous invocation is allowed (default) but not in itself unusual; there is no evidence the skill attempts to modify other skills or system-wide settings. The main persistence/privilege concern comes from running an external CLI that could persist state locally or request credentials, not from the skill metadata.
What to consider before installing
This skill will ask you to use a private key and run an unpinned npm CLI that auto-approves unlimited USDC allowances — proceed cautiously. Before installing or running:
1) Verify the upstream source (GitHub repo, contact the publisher) and inspect the npm package code yourself, or pin to a known-good commit/version instead of 'latest'.
2) Do not use your main or high-value wallet; use a freshly funded ephemeral wallet with only the minimal funds required for testing.
3) Prefer hardware-signed transactions or a wallet provider that prevents CLI access to raw private keys.
4) Avoid automatic maxUint256 approvals — if possible, configure explicit allowance amounts or manually approve limited amounts after code review.
5) Confirm the contract addresses and on-chain logic (audit or review the smart contract) before committing funds.
If you cannot audit the CLI and contract, treat this as high-risk and do not store significant funds or your primary private key for use with this skill.
