Nova

Review

Audited by ClawScan on May 10, 2026.

Overview

Nova is a coherent wallet-automation skill with clear safety guidance, but it can install/use an external CLI to move real funds and handle wallet secrets.

Use this skill only if you trust the nova CLI package and intend the agent to help with wallet operations. Before approving any send or withdrawal, verify the network, recipient, amount, stablecoin, and blockchain yourself, and keep private keys, recovery phrases, and claim links out of shared chats and logs.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs a send or withdrawal with the wrong amount, address, or network, real funds could be moved and may not be reversible.

Why it was flagged

The nova CLI can submit financial transfers immediately, and repeated execution can send funds multiple times. The skill discloses this and instructs dry-run and user confirmation, so this is a purpose-aligned risk note rather than a concern.

Skill content

No interactive confirmation. Non-idempotent: re-running sends again. Use `--dry-run` (`-d`) to validate inputs and preview without submitting.

Recommendation

Only approve send or withdraw commands after checking the exact amount, recipient, blockchain, and mainnet/testnet network; use dry-run first for any non-trivial transaction.

What this means

Anyone who sees a private key, mnemonic phrase, or equivalent wallet secret may be able to control the wallet and funds.

Why it was flagged

The skill includes wallet key and recovery-phrase export operations, which are sensitive account-control material. The instructions acknowledge the risk and tell the agent to warn the user and avoid logging secrets.

Skill content

Key material is **secret**: Never log/export keys or phrases into shared/persistent contexts. Warn user before `export` operations.

Recommendation

Do not ask the agent to display or store private keys or recovery phrases unless you have a safe, private backup process outside shared chats and logs.

What this means

Installing or running the external package gives that package code execution on the user's machine and access to the wallet context it manages.

Why it was flagged

The skill relies on an external npm package that is not included in the reviewed artifacts and is not version-pinned. This is normal for a CLI integration, but users should treat the package provenance as part of the trust decision.

Skill content

If `nova` is not installed, install with: `npm install @mynthai/nova` ... Or run without installing via npx

Recommendation

Install only from the intended npm package, consider pinning or verifying the version, and review the upstream project before using it for real funds.

What this means

A leaked claim URL could allow someone else to claim funds intended for the recipient.

Why it was flagged

Claim links can grant access to funds, and the skill explicitly warns not to place them into persistent or shared contexts. This is appropriate handling guidance for sensitive wallet outputs.

Skill content

Treat `claimUrl` as a **secret credential**: Never paste into shared chats/tickets/docs or persistent logs.

Recommendation

Share claim links only through a private channel intended for the recipient, and avoid saving them in agent memory, tickets, or shared documents.