Skill v1.0.2

VirusTotal security

ChaosChain - Agent Trust & Reputation · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Apr 29, 2026, 3:11 AM
Hash: f31e41f69ac8062698079b21e9d6d52ac0294278984a054115cf76319a991318
Source: palm
Code Insight
Type: OpenClaw Skill
Name: chaoschain
Version: 1.0.2

The skill "chaoschain" is designed to verify AI agent identities and reputation on ERC-8004 on-chain registries, with an optional command to register an agent. The analysis of all files reveals the following:

1. **SKILL.md and README.md**: These documentation files clearly state the skill's purpose, commands, and explicitly warn about the `/chaoschain register` command performing an on-chain transaction. They emphasize that the skill is "READ-ONLY by default" and that private keys are only used for registration. There are no hidden instructions or prompt injection attempts designed to mislead the agent into performing unauthorized actions or exfiltrating data.
2. **scripts/setup.sh**: This script performs standard setup tasks: creating a Python virtual environment, installing dependencies from `requirements.txt`, and making Python scripts executable. It contains no malicious commands or unusual system interactions.
3. **scripts/chaoschain_skill.py**: This is the core logic. It connects to various EVM networks using `web3.py` to interact with ERC-8004 Identity and Reputation registries.
   * **Read Operations**: The `verify`, `reputation`, and `whoami` commands are strictly read-only, querying blockchain data and displaying it.
   * **Write Operation (`cmd_register`)**: This is the only command that performs an on-chain transaction. It requires `CHAOSCHAIN_PRIVATE_KEY` to be set as an environment variable (as per OpenClaw's secure secret handling). It explicitly warns the user about the transaction, defaults to a testnet (Sepolia) for safety, checks for sufficient ETH for gas, and constructs a benign agent URI for registration. The private key is used solely for signing this specific transaction, with no evidence of exfiltration or misuse.
   * The contract addresses for ERC-8004 registries are hardcoded and appear legitimate.
   * The code is clear, well-structured, and lacks any obfuscation.
4. **Wrapper Scripts (scripts/register.py, scripts/reputation.py, scripts/verify_agent.py, scripts/whoami.py)**: These are simple Python wrappers that call the main `chaoschain_skill.py` script within the virtual environment. This is a standard and benign pattern for OpenClaw skills.
5. **requirements.txt**: Lists `web3` and `eth-account`, which are standard and expected dependencies for Ethereum blockchain interaction.

There is no evidence of data exfiltration (e.g., reading sensitive files like `~/.ssh`, `~/.aws`, or sending data to external endpoints beyond legitimate RPC calls), malicious execution (e.g., `curl|bash` of unknown payloads), persistence mechanisms, or obfuscation. The on-chain transaction capability is transparently disclosed and implemented with safety defaults.

**Classification: benign**

The skill is benign. It transparently implements its stated purpose of interacting with ERC-8004 blockchain registries for agent identity and reputation verification. The only on-chain write operation (`register`) is clearly warned, defaults to a testnet, and securely handles private keys via environment variables for signing the intended transaction, without any indication of malicious intent or unauthorized actions.