Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Autobahn
v0.0.11Operate and govern autonomous on-chain entities using AI agents for identity, governance, contracts, legal, lending, and community workflows.
⭐ 0· 1.5k·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes an Autobahn CLI for forming and governing on-chain autonomous entities and the included install script installs an 'autobahn' binary — this is coherent with the stated intent. However the registry entry has no description/homepage, and the included install script's default download version (v0.4.0) does not match the skill registry version (0.0.11), which is unexpected and should be explained.
Instruction Scope
The instructions direct agents to generate and store ECDSA private keys and to perform governance actions (propose/vote/execute). They also rely on an API server deployer key for many operations. SKILL.md does not declare where encrypted keys are stored or how they are protected beyond 'do not log keys', and it assumes use of the external 'autobahn' CLI. Creating and managing signing keys and executing on-chain transactions is powerful and risky; the instructions give the agent authority to create keys and use them, which requires explicit operational safeguards that are not specified here.
Install Mechanism
The skill includes scripts/install.sh which downloads a prebuilt binary from GitHub releases (https://github.com/unifiedh/autobahn-releases). Downloading an executable from a third-party release is a moderate-to-high risk action unless the binary is signed/verifiable. Additional red flags: the script default VERSION (v0.4.0) differs from the skill package version (0.0.11), and the repository/owner in the install script is not validated in the SKILL.md or registry metadata. There is no declared install spec in the registry (the script exists but isn't wired into an install process), which is an inconsistency.
Credentials
The skill declares no required environment variables, but the instructions mention JWTs, deployer keys, and smart-account key storage and authentication flows (EIP-712 login). Those credentials/keys are high-value secrets. The skill does not declare which environment variables or config paths it will use to store or read these secrets, nor does it require any explicit credentials up front, creating uncertainty about where secrets will be kept and how they'll be protected.
Persistence & Privilege
The skill does not request 'always: true' and does not declare system-wide config modifications. Autonomous invocation is permitted (the platform default), which increases potential impact if the skill is later given permission to act unattended, so users should control agent autonomy when granting this skill.
What to consider before installing
Things to check before installing/using this skill:
- Verify the source: confirm the GitHub repo (unifiedh/autobahn-releases) and its maintainer(s) match the project homepage and team; the registry entry lacks a homepage/description.
- Do not run the installer blindly: the included scripts/install.sh downloads and installs a binary. Verify the release tag, download URL, and preferably check a checksum or signature for the binary before making it executable.
- Version mismatch: ask the publisher why the install script defaults to VERSION=v0.4.0 while the registry lists version 0.0.11 — this could be accidental or malicious.
- Secret custody: understand exactly where the CLI stores generated private keys and how they are encrypted; require key backup and recovery procedures and prefer using hardware or OS keystores when possible.
- Limit autonomous privileges: avoid allowing an agent to run this skill fully autonomously until you audit the binary and the server-side API behavior; require explicit human confirmation for irreversible on-chain actions.
- Audit external endpoints: SKILL.md references an API server and FeeRouter addresses; verify those endpoints and deployed contract addresses independently (onchain) before sending funds or executing governance actions.
- If unsure, run the binary in a sandboxed environment first (container or VM) and inspect network activity and file writes, or request source code and reproducible build instructions from the author.Like a lobster shell, security has layers — review code before you run it.
latestvk97c5kh7ad5p0ze5pa8t36b4gs80x90t
License
MIT-0
Free to use, modify, and redistribute. No attribution required.