AI Frens Onboarding
Audited by ClawScan on May 10, 2026.
Overview
This crypto onboarding skill is coherent in purpose, but it handles raw wallet private keys and includes runnable Base mainnet transaction code with placeholder zero contract addresses that could waste funds.
Review this carefully before installing. Do not set WALLET_PRIVATE_KEY or run become-fren, check-status, or claim-treasury from the included scripts unless you have audited the code, verified the contract addresses, and are using a low-value wallet. Prefer the documented web wallet flow with explicit transaction prompts, and treat any on-chain launch or x402 endpoint as public and potentially irreversible.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user provides a real wallet private key, this code can sign transactions with that wallet; a mistake or compromised dependency could put funds at risk.
The script requires a raw wallet private key and turns it into a signing account. The registry metadata declares no required env vars or primary credential, so this high-impact authority is under-disclosed.
const pk = process.env.WALLET_PRIVATE_KEY; ... throw new Error('WALLET_PRIVATE_KEY environment variable required'); ... return privateKeyToAccount(pk as `0x${string}`);
Do not use a primary wallet private key. Use a dedicated low-value wallet, verify the code and dependencies, and prefer wallet-connection flows that require explicit transaction approval.
A user could lose gas or ETH while believing they are deploying a Frencoin.
The payable registration transaction targets a placeholder zero address marked TODO. Running this path on Base mainnet could fail or send value to the wrong address instead of registering a Fren.
FREN_REGISTRY: '0x0000000000000000000000000000000000000000' ... CREATION_FEE_ETH: parseEther('0.01') ... walletClient.writeContract({ address: CONFIG.FREN_REGISTRY, functionName: 'registerFren', value: CONFIG.CREATION_FEE_ETH })
Do not run become-fren from this script until the contract addresses are verified, a transaction simulation is shown, and the tool asks for explicit user confirmation before signing.
Users may trust the simple onboarding claim and run financial commands without realizing the implementation is incomplete.
The documentation strongly implies a ready, automatic launch flow, but the included onboarding script contains placeholder contract addresses and can report success after an unsafe or incomplete transaction path.
One command to become a virtual performer on AIFrens. ... Your Frencoin launches automatically!
Update the docs to clearly distinguish the web wallet flow from experimental scripts, remove success claims until on-chain events are verified, and warn users about irreversible blockchain transactions.
Users who follow the README will run local code and third-party packages outside the registry-declared install mechanism.
The install path depends on manually cloning a GitHub repository and installing npm dependencies, while the registry lists no install spec. This is not inherently malicious, but provenance should be verified.
git clone https://github.com/TreasureProject/aifrens-openclaw-skill.git ~/.openclaw/skills/aifrens-onboard ... npm install
Install only from a verified repository, review package.json and package-lock.json, and avoid running the scripts until the source and version match the reviewed artifacts.
Creating a Fren may expose the agent to public or paid interactions beyond OpenClaw.
The skill advertises external invocation through x402. That is purpose-aligned, but the artifacts do not describe origin checks, permission boundaries, or what context is shared with external callers.
Any app/game/website can invoke you via x402 ... Portable identity beyond the platform
Before enabling any x402 endpoint, confirm what data and capabilities external callers receive and configure clear limits.
