Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawcast - Easiest Ethereum Crypto Wallet

v1.0.2

Skill for managing EVM wallets, transactions, and network helpers via cast; covers onboarding, checks, and operating procedures.

byte_za@tezatezaz
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's name/description (cast-based EVM wallet helper) matches the scripts' behavior, but the registry metadata declares no required binaries/env, yet the scripts require and invoke cast/foundry, curl, python3, and optionally at/sudo. That discrepancy (declared requirements: none vs actual scripts: many) is incoherent; the requirements should have been declared.
Instruction Scope
SKILL.md instructs the agent to run the included scripts automatically (e.g., run check_wallet each session and run onboarding scripts). The scripts prompt for sensitive input (mnemonic/private key/password), write those to disk, and run remote installers. SKILL.md also promises an auto-delete fallback for mnemonics (background sleep) but the implementation only schedules deletion via 'at' (and attempts to apt-get install it), so the actual behavior doesn't fully match the instructions. The agent guidance to 'always run check_wallet automatically' grants the skill broad, repeated filesystem and network activity without explicit user consent per run.
Install Mechanism
There is no formal install spec in the registry, but the scripts themselves install Foundry by piping a remote install script (curl -L https://foundry.paradigm.xyz | bash). Download-and-execute of an external installer without verification is high-risk. The scripts also attempt to install the 'at' package via apt/sudo if missing, which can modify the host system.
Credentials
The skill declares no required environment/credentials, yet it collects highly sensitive secrets interactively (mnemonic/private key/password) and stores them in plaintext files under ~/.agent-wallet (mnemonic file, pw.txt, keystore copy, temporary private key file). It also manipulates workspace-level files when removing a wallet (attempts to remove mentions from a logs/tx_mentions.log located relative to the workspace), which reaches outside the skill's own data directory and is disproportionate for a helper.
Persistence & Privilege
The skill writes persistent files to ${HOME}/.agent-wallet and to Foundry's keystore directory and may modify PATH for the session. It does not set always:true, which is appropriate, but it will perform privileged changes (installing packages via sudo/apt) and touches workspace logs when removing a wallet. Those behaviors grant it more system reach than a minimal CLI helper and should be considered sensitive.
What to consider before installing
This skill is functionally coherent with a cast-based wallet helper, but there are multiple red flags you should consider before installing or running it:
- The registry claims no external requirements, yet the scripts require cast/foundry, curl, python3 and optionally at/sudo. Ask the author why metadata is incomplete. Do not rely on the skill's declared requirements.
- The onboarding scripts will prompt you for your mnemonic/private key and a keystore password, then save those to files in ~/.agent-wallet/pw.txt and temporary mnemonic files. These are stored in plaintext and only scheduled for deletion via 'at' (which the script may try to install). Do NOT paste real seed phrases/private keys into this tool unless you fully trust the code and runtime environment.
- The installer uses curl | bash to fetch Foundry from foundry.paradigm.xyz — this executes remote code. If you decide to run it, review that installer first (do not pipe to shell blindly) or install Foundry manually from a verified source.
- The remove script edits a workspace-level logs file to remove mentions of your address. That accesses files outside the skill's own directory and could modify unrelated artifacts. Review file paths and backups before running removal.
- If you want to proceed safely: (1) inspect the scripts locally and run them in an isolated VM or container, (2) install Foundry/cast manually from official sources rather than allowing the script to curl|bash, (3) prefer hardware wallets or only use ephemeral test accounts (never mainnet funds) while evaluating, and (4) consider copying the scripts and adapting them to avoid storing secrets in plaintext (or using encrypted keystores only).

If anything is unclear, or if you want, I can produce a short checklist of the exact commands and lines to review in the scripts before you run them, or produce a hardened run plan (manual install steps, required manual checks) you can follow.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97d3er7z7xya5bem1vda5mec980j886
