Solana Transfer

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

This skill appears to do what it says, but it gives agents direct, irreversible Solana wallet-spending power from a local private key with limited built-in approval or safety controls.

Install only if you intentionally want agents to move Solana funds. Use a new dedicated wallet with a small balance, test on devnet first, avoid storing your main wallet private key, and add explicit approval/spending limits before enabling any autonomous or agent-to-agent payment flow.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent invokes this skill incorrectly or is manipulated into doing so, it can send real funds to the wrong address; blockchain transfers generally cannot be undone.

Why it was flagged

The skill defaults to Solana mainnet and submits real transactions using the local keypair. The transfer functions accept caller-provided recipient and amount without built-in human approval, allowlists, or spending limits.

Skill content

let config = { rpc: 'https://api.mainnet-beta.solana.com', network: 'mainnet-beta' };
...
const signature = await connection.sendTransaction(transaction, [keypair]);

Recommendation

Use a dedicated low-balance wallet, default to devnet for testing, and add explicit user confirmation, recipient allowlists, spending caps, and transaction previews before any mainnet transfer.

What this means

Any code that imports this module may be able to access the signing key object and use it for broader Solana actions, not only the documented transfers.

Why it was flagged

The skill reads a wallet private key from disk or an environment-selected path and exports the full keypair object, which is broader authority than just exposing scoped transfer functions.

Skill content

const KEYPAIR_PATH = process.env.SOLANA_KEYPAIR || join(__dirname, 'keypair.json');
...
keypair = Keypair.fromSecretKey(Uint8Array.from(keypairData));
...
export { sendSOL, sendSPLToken, connection, keypair };

Recommendation

Do not use a main wallet key. Avoid exporting the keypair, restrict signing to narrowly validated transfer operations, and document the keypair as a required sensitive credential.
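One way to put the two recommendations above (recipient allowlist, per-transfer and cumulative spending caps, devnet default, a transaction preview plus explicit confirmation before any mainnet send, and no exported keypair) into code. This is an added JavaScript example, not the skill's or ClawScan's code; createTransferGate, signAndSend, confirm and the two addresses are hypothetical stand-ins for the skill's sendSOL, keypair and real recipients.

```javascript
// Added example, not the skill's own code: a policy gate that sendSOL could run
// before the skill's connection.sendTransaction(transaction, [keypair]) call.
// Signing is injected as a function, so the Keypair object itself is never
// exported from the module. All names are hypothetical; the signer is a stub.
const LAMPORTS_PER_SOL = 1_000_000_000;
// Shape check for a base58 Solana public key (catches typos, not ownership).
const BASE58_PUBKEY = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;

function createTransferGate({ signAndSend, network = 'devnet', allowlist = [],
                              maxLamportsPerTx, maxLamportsPerSession,
                              confirm = () => false }) {
  const allowed = new Set(allowlist);
  let spent = 0; // cumulative lamports sent through this gate
  return function guardedSend({ to, lamports }) {
    const deny = (reason) => ({ ok: false, reason, signature: null });
    if (!Number.isInteger(lamports) || lamports <= 0) return deny('invalid amount');
    if (!BASE58_PUBKEY.test(to)) return deny('malformed recipient');
    if (!allowed.has(to)) return deny('recipient not on allowlist');
    if (lamports > maxLamportsPerTx) return deny('exceeds per-transfer cap');
    if (spent + lamports > maxLamportsPerSession) return deny('exceeds session cap');
    const preview = `${lamports / LAMPORTS_PER_SOL} SOL -> ${to} on ${network}`;
    // Mainnet is never silent: a human or policy engine must approve the preview.
    if (network === 'mainnet-beta' && confirm(preview) !== true) {
      return deny('mainnet transfer not confirmed');
    }
    const signature = signAndSend({ to, lamports, network }); // real one would be awaited
    spent += lamports;
    return { ok: true, reason: null, signature, preview };
  };
}

// Constructed sample values: a stub signer that records what it signed,
// and two placeholder base58-shaped addresses (not real wallets).
const sent = [];
const stubSigner = (tx) => { sent.push(tx); return `sig-${sent.length}`; };
const TRUSTED = 'AgentWa11et' + '1'.repeat(32);
const UNKNOWN = 'Unknown' + '2'.repeat(36);

const devnetGate = createTransferGate({
  signAndSend: stubSigner, allowlist: [TRUSTED],
  maxLamportsPerTx: 500_000_000, maxLamportsPerSession: 800_000_000,
});
const mainnetGate = createTransferGate({
  signAndSend: stubSigner, network: 'mainnet-beta', allowlist: [TRUSTED],
  maxLamportsPerTx: 100_000_000, maxLamportsPerSession: 100_000_000,
  // confirm keeps its default (deny) until a real approval step is wired in
});
```

With the default confirm callback, the mainnet gate refuses every request, which is the safe failure mode until an approval UI or policy check is connected.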

What this means

If automatic payments are connected to chat or agent messages without authentication, a spoofed or mistaken wallet address could receive funds.

Why it was flagged

The docs envision automatic inter-agent payment flows, while authenticated wallet identity and registry handling are still listed as future work.

Skill content

Integrate with IRC skill for automatic expert payments
...
Create agent wallet registry (who has what address?)

Recommendation

Before enabling automatic inter-agent payments, require authenticated quotes, a trusted wallet registry, quote IDs, and human or policy-based approval for new recipients.

What this means

Installing dependencies runs the standard npm dependency resolution path for the included Solana libraries.

Why it was flagged

The setup requires installing npm dependencies. This is expected for a Solana JavaScript skill, and a lockfile is included, but it still means trusting the npm package supply chain for the listed libraries and their transitive dependencies.

Skill content

cd /root/.openclaw/workspace/skills/solana-transfer
npm install

Recommendation

Install in a controlled environment, keep the lockfile, and review dependency updates before using the skill with funded wallets.