Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Send Usdc
v0.1.0
Send USDC to an Ethereum address or ENS name. Use when you or the user want to send money, pay someone, transfer USDC, tip, donate, or send funds to a wallet address or .eth name. Covers phrases like "send $5 to", "pay 0x...", or "transfer to vitalik.eth".
by @0xrag
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name and description match the runtime instructions: the SKILL.md only tells the agent to run the 'awal' CLI via npx to check status, check balance, authenticate, and send USDC. There are no unrelated binaries, env vars, or config paths requested.
Instruction Scope
Instructions stay on‑topic: they describe how to check auth/status, compose the send command, handle ENS resolution, and handle common errors. They do not instruct the agent to read arbitrary files, exfiltrate data, or access unrelated system state. They reference a separate 'authenticate-wallet' skill for login steps.
Install Mechanism
No install spec is included, but allowed-tools and the SKILL.md rely on running 'npx awal@latest ...' which dynamically downloads and executes a package from the public npm registry. This is expected for a CLI helper but is a moderate risk because arbitrary remote code will be executed at runtime.
Credentials
The skill does not request any environment variables, credentials, or config paths. Wallet authentication is delegated to the 'awal' CLI (or the authenticate-wallet skill) which may prompt the user for credentials or perform an OAuth flow — that is consistent with the purpose and not requested directly by this skill.
Persistence & Privilege
The skill does not request persistent inclusion (always:false) and does not modify other skills or system-wide settings. Autonomous invocation is allowed (disable-model-invocation:false), which is the platform default and not by itself a red flag here.
Assessment
This skill is coherent for sending USDC, but it runs 'npx awal@latest' at runtime — that fetches and executes code from the npm registry each time. Before using: 1) confirm you trust the 'awal' package (check its npm/github page, maintainers, and recent releases); 2) be cautious when authenticating wallets — never paste private keys into prompts you don't trust and prefer hardware wallets or well-known wallet flows; 3) test with a very small amount first; 4) verify recipient addresses and ENS resolutions carefully before confirming a send. If you need stronger assurance, ask for the package's source URL or use a locally audited CLI instead of npx@latest.
Like a lobster shell, security has layers — review code before you run it.
