Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

vultisig-sdk

v0.1.0

Use this skill when an agent needs to create crypto wallets, send transactions, swap tokens, check balances, or perform any on-chain operation across 36+ blockchains using threshold signatures (TSS). Vultisig SDK provides self-custodial MPC vaults — no seed phrases, no single point of failure. Fast Vaults (2-of-2 with VultiServer) enable fully autonomous agent operations without human approval.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

- VirusTotal: Suspicious
- OpenClaw: Suspicious (medium confidence)
Purpose & Capability [flagged]
The skill's name/description (TSS-based multi-chain wallet operations) aligns with the SDK usage in SKILL.md (create vaults, sign, broadcast, swaps). However: (1) the Fast Vault pattern relies on a remote VultiServer co-signer and email verification but the skill declares no credentials, endpoints, or trust model for that server; (2) the SKILL.md also lists importing wallets via BIP39 seedphrases — a capability that requires handling secrets yet the top-level metadata requests no environment variables or storage configuration. These omissions make the declared purpose only partially coherent with the required operational context.
Instruction Scope [flagged]
The runtime instructions direct the agent to create Fast Vaults (agent holds a share, VultiServer holds the other), perform prepare→sign→broadcast flows, import/export backups and even import BIP39 seed phrases. They also require email verification for Fast Vault creation and reference multiple external services for swaps (THORChain, 1inch, etc.). The instructions imply network calls and sharing signing payloads with an external co-signer (VultiServer) but do not specify endpoints, auth, or limits — giving broad discretion to the agent to interact with remote services and to handle sensitive secrets (seed phrases, vault shares, backup files).
Install Mechanism
This is instruction-only (no install spec, no code files). That reduces installation risk. The SKILL.md points to an npm package and a GitHub repo as the SDK source; using those is a normal approach but the skill does not perform any automatic network downloads itself.
Credentials [flagged]
The skill declares no required environment variables or primary credential, yet the workflow clearly needs: email delivery/access (for verification codes), likely a VultiServer endpoint and credentials or API keys for co-signing, and possibly API keys for some swap/price services. Asking the agent to manage/ingest seed phrases and vault backups without declaring how those secrets are stored, protected, or supplied is disproportionate and opaque.
Persistence & Privilege [flagged]
always:false (good) and disable-model-invocation:false (normal). However, the documented Fast Vault design explicitly enables fully autonomous agent operation (VultiServer auto-co-signs based on policies). Combined with the other concerns (no declared auth, handling of seed phrases), this gives the skill high real-world impact: an autonomous agent could create and move funds without human intervention if the VultiServer policy allows it. That elevated blast radius should be visible to administrators before the skill is enabled.
What to consider before installing
Before installing or enabling this skill, get clear, authoritative answers from the skill provider:

(1) Where is the SDK package published (official npm package name) and what is the canonical GitHub repo / maintainer identity? Inspect that repo and npm package before use.
(2) Who operates VultiServer? You need explicit configuration: VULTISERVER_URL, authentication tokens, and a trust/SLA/privacy policy. The skill should declare these as required variables.
(3) How are email verification codes delivered, and what credentials or access does the agent need to receive them? Avoid giving the agent access to an email account unless you control and monitor it.
(4) Do not allow the agent to import BIP39 seed phrases or backups unless you fully understand where those secrets are stored and who can access the co-signer service; prefer Secure Vault (human co-sign) for high-value operations.
(5) If you intend to run this in production, require human approval or forced multi-signer flows for any transfer above a threshold, and complete a code review/security audit of the SDK and a sandbox testnet trial first.

Additional information that would change this assessment to 'benign': an official, verifiable upstream repo and npm package; explicit config requirements (VULTISERVER_* env vars) documented in the skill metadata; clear trust / operator details for VultiServer; and explicit instructions that limit autonomous transfers (policy/default limits or required human approval).


Tags: agent-sdk, ai-agent, avalanche, bitcoin, blockchain, bsc, clist, cosmos, cross-chain, crypto, defi, dex, erc20, ethereum, fintech, latest, liquidity, mpc, multisig, payments, sdk, self-custody, signing, solana, swap, thorchain, token, transaction, vault, wallet, web3
