Agentwallet Sdk
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is a high-impact crypto wallet integration that asks agents to sign and spend autonomously, but the artifacts do not show the promised spend-limit and approval safeguards.
Review this carefully before installing. If you use it, pin and verify all npm packages, use a separate low-value wallet or session key, require manual approval for each transaction, and do not enable MCP wallet access for untrusted agents.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could move, swap, bridge, or spend crypto assets in ways that are difficult or impossible to reverse if limits and approvals are not enforced elsewhere.
The skill explicitly enables autonomous spending and irreversible on-chain actions, but the provided artifacts do not show the spend limits or approval queues promised by the registry description.
Sign transactions autonomously without custodial risk ... Pay for API access automatically ... await wallet.transfer ... await wallet.bridge ... await wallet.swap
Use only with explicit per-transaction confirmation, hard spend caps, a separate low-balance wallet, and verified approval-queue controls before allowing autonomous execution.
A private key with funds could be exposed to overly broad agent authority or used for transactions outside the user’s intended limits.
The integration requires private-key signing authority, but the registry declares no primary credential or required environment variables and the artifacts do not define how keys are scoped, stored, or protected.
signer: privateKey, // Agent's own key — never custodied ... Agent holds its own private key
Do not use a main wallet key. Use a dedicated wallet or session key with minimal funds, explicit allowances, and revocation controls.
Installing or invoking the wrong or changed package version could give unreviewed code access to wallet keys and transaction signing.
The skill relies on unpinned external npm packages for high-impact wallet and MCP operations while the submitted package contains no reviewed implementation or install spec; this is compounded by unknown source/provenance and inconsistent version claims across the artifacts.
npm install agentwallet-sdk ... npm install @agent-wallet/mastra-plugin ... npm install clawpay-mcp
Verify package ownership, pin exact versions and checksums, review source code, and avoid enabling wallet functionality until provenance is clear.
Users may trust the skill with more funds or autonomy than is safe based on unsupported safety claims.
The wording may overstate safety: non-custodial does not remove spending risk when an agent holds a signing key, and passing tests is not evidence of an independent audit.
Sign transactions autonomously without custodial risk ... Audited: forge test suite 129/129 passing on smart contracts
Treat the safety claims as unverified until an audit report, threat model, and concrete spend-control implementation are provided.
Other connected agents or MCP clients might be able to invoke sensitive wallet actions if the MCP layer is configured too broadly.
The artifact describes exposing wallet operations across an MCP boundary but does not document identity checks, authorization, tool filtering, or confirmation requirements.
With ClawPay MCP ... Exposes wallet operations as MCP tools for any MCP-compatible agent.
Enable MCP wallet tools only with strong allowlists, explicit confirmations, scoped permissions, and isolation from untrusted agents.