ClawCast Crypto Wallet: Keys, Balances & Transactions

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any process that can read these local files may be able to unlock the wallet; crypto transfers are irreversible.

Why it was flagged

The script forces the wallet password to be saved to a local file and imports private-key material into a keystore, creating ongoing authority to unlock and sign from the wallet.

Skill content

state_set "SAVE_PASSWORD" "y" ... printf "%s" "$PW" > "${PASSWORD_FILE}" ... cast wallet import "$acct_name" --private-key "$PRIVATE_KEY"

Recommendation

Do not import a valuable existing wallet. Use a new low-balance wallet, make password saving optional, and require explicit confirmation before every signing or sending action.

What this means

Seed phrases or private keys left on disk can be copied and used to drain the wallet.

Why it was flagged

The script writes seed phrase and private-key material to local files, even if some are intended to be temporary.

Skill content

printf "%s\n" "$MNEMONIC" > "${MNEMONIC_FILE}" ... printf "%s" "${PRIVATE_KEY}" > "${PK_TMP}"

Recommendation

Avoid saving seed phrases to disk; prefer secure local key managers or hardware wallets, and verify any temporary files are deleted immediately.

Concern: High Confidence

ASI05: Unexpected Code Execution

What this means

The setup flow can make privileged changes to the operating system that are not obvious from the registry metadata.

Why it was flagged

During wallet creation, the cleanup helper may install a system package with sudo rather than only using already-available tools.

Skill content

installer="apt-get install -y at" ... sudo sh -c "$installer > /tmp/at-install.log 2>&1"

Recommendation

Ask for explicit user approval before any package installation, declare the dependency, or use a non-privileged cleanup fallback.

What this means

A compromised upstream installer or network path could affect the local wallet environment.

Why it was flagged

Installing Foundry/cast is purpose-aligned, but the installer is fetched and executed remotely without a pinned version in the artifacts.

Skill content

curl -L https://foundry.paradigm.xyz | bash ... foundryup

Recommendation

Install Foundry separately from the official source, verify checksums/signatures where available, and review the installer before running it.

What this means

The agent may reveal the saved address/keystore path and query a public RPC endpoint without a fresh prompt.

Why it was flagged

The skill instructs automatic local checks and RPC balance queries when a wallet exists.

Skill content

Run `scripts/check_wallet.sh` automatically each session; do not ask the user to trigger it... run `scripts/show_network.sh` and query the balance

Recommendation

Make wallet status and balance checks user-confirmed or clearly disclose that they run automatically.

What this means

A user could paste wallet recovery material into chat or logs, permanently compromising the wallet.

Why it was flagged

The agent guidance can lead users to provide seed phrases or private keys through the agent interaction instead of a clearly isolated secure input path.

Skill content

ask whether they want to ... import a 12/24-word ... mnemonic ... or import a private key. Collect the chosen secret

Recommendation

Never ask users to paste seed phrases or private keys into chat; require secure local TTY input and warn users before any secret entry.