MetaMask Agent Wallet

v0.1.0

Control a sandboxed MetaMask browser extension wallet for autonomous blockchain transactions. Features configurable permission guardrails including spend limits, chain allowlists, protocol restrictions, and approval thresholds. MetaMask-only (other wallets not supported).

by Francesco @andreolf
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The declared metadata lists no required binaries, env vars, or config paths, but SKILL.md instructs the user/agent to run npm install, npx playwright install, npm run setup, install a MetaMask extension, and create files under ~/.agent-wallet. A MetaMask automation skill would legitimately need browser automation and dependencies, but the package provides no code or install manifest and does not declare the filesystem paths it will use — an internal inconsistency.
! Instruction Scope
Runtime instructions direct the creation of a Chrome profile, installation of MetaMask, storing wallet seed in the extension/profile, writing logs to ~/.agent-wallet/logs, and reading/writing permissions.json. They also allow signing arbitrary messages and performing transactions. The instructions do not specify how secret material (seed/private keys) is protected, how approval prompts reach the user, or how the agent obtains the code it runs — granting broad, unclear privileges to network and filesystem access.
! Install Mechanism
There is no install spec in the skill metadata, but SKILL.md tells users to run npm install and npx playwright install, which will fetch and execute code from remote package registries. Without a package.json, source repository, or pinned release URL, this is high risk: npm installs pull arbitrary third-party code and Playwright will download browser binaries. The absence of a verified install mechanism is a red flag.
! Credentials
The skill declares no required credentials, which superficially reduces risk, but the instructions require creating and funding a wallet and implicitly rely on local private keys managed by MetaMask in the created profile. The skill does not document where secrets are stored, how approvals are authenticated, or what code can access the profile directory. Requesting no env vars while instructing creation of sensitive local secrets is disproportionate and underspecified.
Persistence & Privilege
always:false and user-invocable are appropriate. However, the instructions create persistent artifacts (Chrome profile, extension, permissions.json, logs under ~/.agent-wallet) and will likely run background automation (Playwright controlling a browser). The skill does not request platform-level always-on privileges, but it will leave persistent on-disk state and potentially long-running processes if installed/run.
What to consider before installing
Do not install or run this skill as-is. The SKILL.md requires installing npm packages and Playwright and creating a browser profile and wallet, but the published package contains no source code or install manifest — that mismatch is suspicious. Before proceeding, ask the publisher for: (1) the complete source code or a published release (GitHub/Git tag) you can inspect; (2) a package.json with pinned dependency versions or a vendor-verified bundle; (3) clear instructions for where private keys/seeds are stored and how approvals are delivered to you; (4) an explicit install manifest or cryptographically-signed release (not just 'npm install' from an unspecified registry). If you must test, run it in a fully isolated VM, use a throwaway funded wallet only, inspect permissions.json and blockedMethods, and verify network activity and files created under ~/.agent-wallet. If the publisher cannot provide source or a verifiable release, consider this skill too risky.


crypto, metamask, wallet, ethereum, defi, web3, blockchain, automation, browser
