clawmegle staking
v1.0.0
Stake $CLAWMEGLE tokens to earn dual rewards (ETH + CLAWMEGLE) from Clanker LP fees. Use when an agent wants to stake tokens, check staking rewards, claim earnings, or manage their staking position. Supports both Bankr API and direct wallet transactions.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose (stake/claim/manage CLAWMEGLE staking) matches the scripts and calldata in the repository. However, the registry metadata and SKILL manifest are inconsistent with the implementation: the scripts call 'cast' and use python3, but the declared required binaries are only curl, jq, and bc. The SKILL.md also instructs the user to create a Bankr config file at ~/.clawdbot/skills/bankr/config.json and optionally put keys in ~/.clawdbot/wallets, yet the skill metadata declares no required config paths or env vars. These omissions are disproportionate to what the skill actually needs and may leave users unclear about what will run on their machine.
Instruction Scope
The runtime instructions (SKILL.md + HEARTBEAT.md + scripts) direct the agent to read local config files and environment variables (PRIVATE_KEY, ~/.clawdbot config files, optional wallet files) and to sign and submit on-chain transactions (via cast or via Bankr). That behavior is within a staking skill's purpose, but the instructions also provide a HEARTBEAT with automated decision logic (auto-claim when thresholds are reached, 'consider staking' automatically), which grants the agent open-ended autonomy over funds if the user wires the heartbeat into an autonomous routine. The SKILL.md does not make the PRIVATE_KEY / config requirements explicit in registry metadata, so the instruction scope is broader than declared.
Install Mechanism
This is instruction-only with no install spec, so nothing is automatically downloaded or executed during install. The files are included in the skill bundle; risk is limited to what those scripts do when the user runs them. No external archives or untrusted download URLs are used by an installer.
Credentials
The skill requires sensitive secrets at runtime: either a Bankr API key stored in ~/.clawdbot/skills/bankr/config.json or a PRIVATE_KEY environment variable / wallet file to sign transactions. Yet the registry metadata declares no required env vars or config paths. Hiding these requirements is misleading — any user running scripts that use PRIVATE_KEY will be exposing a signing key. Requiring a private key is proportionate to sending transactions, but it must be declared up-front and handled carefully; the current package fails to do so.
Persistence & Privilege
The manifest sets always:false (good), and the skill doesn't request to modify other skills or global agent config. However, HEARTBEAT.md explicitly suggests periodic autonomous checks, auto-claim thresholds, and state files (memory/clawmegle-staking.json), so if a user integrates the HEARTBEAT into an autonomous agent it can manage funds (claim, deposit, stake) without per-transaction confirmation. That autonomy is not inherently malicious but increases blast radius — users should not enable autonomous heartbeats without explicit safeguards.
What to consider before installing
This skill's scripts do what a staking utility would — read balances, encode calldata, and sign/send transactions — but there are important red flags you should address before use:
- Missing declared dependencies: the scripts call 'cast' (Foundry tool) and use python3, but the skill only lists curl, jq, and bc. Make sure you have 'cast' and python3 installed and inspect how they are used.
- Undeclared secret/config requirements: the SKILL.md instructs you to store a Bankr API key at ~/.clawdbot/skills/bankr/config.json or to export PRIVATE_KEY. The registry metadata did not declare these. Treat this as sensitive — do not paste your private key into a shell unless you fully trust the code and developer.
- Scripts sign and broadcast transactions: claim.sh, stake.sh, unstake.sh call cast with --private-key or instruct Bankr to submit arbitrary calldata. Any compromise or mistake could move funds. Prefer using Bankr API (so your signing key is managed by Bankr) or a hardware wallet rather than exporting a raw private key to env.
- Autonomous behavior: HEARTBEAT.md gives auto-claim/auto-stake decision logic. Do not enable automatic heartbeats unless you explicitly want the agent to operate autonomously with your funds and you accept the risk.
- Verify the contract and actor: independently verify the contract addresses on a block explorer (Basescan) and confirm the contract code/ownership before depositing funds. The skill's repository and owner appear to be from an unknown source — consider auditing the code or testing with a very small amount first.
Concrete next steps before installing or running with real funds:
1. Inspect the bankr skill implementation referenced by bankr.sh; verify its origin and that it does not exfiltrate secrets.
2. Run the scripts locally in a safe environment and test read-only commands (check.sh, balance.sh) using a watch-only address (no PRIVATE_KEY exported).
3. If you must sign transactions, prefer submitting via Bankr (so you do not export PRIVATE_KEY to shell) or use a hardware wallet integration instead of setting PRIVATE_KEY in env.
4. Ask the publisher to update metadata: declare required binaries (cast, python3), declare required config paths and env vars (Bankr config and/or PRIVATE_KEY), and document heartbeat/autonomy clearly.
Given the mismatches between declared metadata and the actual scripts, treat this skill as 'suspicious' until those gaps are resolved and you validate the bankr integration and contract addresses.
Runtime requirements
🥩 Clawdis
Bins: curl, jq, bc
