Solana Transfer
Security checks across malware telemetry and agentic risk
Overview
This skill appears to send Solana payments as advertised, but it gives agents direct, irreversible spending authority from a local wallet key without enforced approval or limits.
Review carefully before installing. Use devnet first, never use your main wallet keypair, keep only limited funds in the configured wallet, and require explicit human approval plus amount and recipient limits before any agent can send mainnet payments.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent calls this with the wrong recipient or amount, real SOL or tokens can be transferred irreversibly.
The transfer path signs and broadcasts blockchain transactions using the local keypair. The provided code does not enforce a user confirmation step, amount limit, recipient allowlist, simulation, or devnet-only safeguard before sending.
const signature = await connection.sendTransaction(transaction, [keypair]);
Require explicit human approval for every mainnet transfer, add maximum amount limits and recipient allowlists, simulate transactions before sending, and use a low-balance dedicated wallet.
Installing and funding this skill effectively gives the agent wallet-spending authority over the configured keypair.
The skill reads a Solana secret key from a local file and uses it as the signing identity. That key grants full authority over the wallet funds available to the skill.
const keypairData = JSON.parse(readFileSync(KEYPAIR_PATH, 'utf8'));
keypair = Keypair.fromSecretKey(Uint8Array.from(keypairData));
Declare the wallet keypair as a primary credential/config requirement, avoid using a main wallet, restrict file permissions, do not share the keypair with unrelated skills, and fund only a limited-purpose wallet.
Importing the module may load the wallet, run CLI behavior, print configuration details, exit the process on missing keys, or potentially act on process arguments outside the caller's intended transfer flow.
The CLI dispatcher runs unconditionally even when the module is imported programmatically, which contradicts the documented import-based usage and can create unexpected side effects in an agent process.
main();
export { sendSOL, sendSPLToken, connection, keypair };
Guard the CLI entry point so it only runs when the file is executed directly, and separate library exports from command-line behavior.
