Uniswap Setup Agent Wallet

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: setup-agent-wallet
Version: 0.1.0

The skill is designed to perform high-privilege operations, specifically provisioning and configuring cryptocurrency wallets, which inherently involves handling sensitive data and potentially accessing credentials (e.g., API keys from environment variables as indicated in SKILL.md). It delegates this task to a `wallet-provisioner` subagent, passing user-controlled parameters directly. While the skill itself does not contain explicit malicious code or prompt injection attempts, the sensitive nature of wallet management and the reliance on a subagent for execution introduce a significant attack surface. Any vulnerabilities in the `wallet-provisioner` subagent or improper sanitization of user inputs could lead to serious security risks, classifying it as suspicious due to the potential for exploitation of downstream vulnerabilities.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could move funds into a new agent wallet or set spending authority more broadly than the user intended.

Why it was flagged

The skill combines broad defaults with a funding step; if the user omits details, the agent may configure and fund wallets across all supported chains without a documented approval checkpoint.

Skill content

Apply defaults for any unspecified parameters ... `chains` ... Default `all` ... `spendingLimit` ... Default `$1000/day` ... `Fund`: Send gas tokens to the wallet on each requested chain

Recommendation

Require explicit user confirmation for provider, environment, chains, mainnet/testnet, source wallet, exact funding amounts, token allowlists, and daily/per-transaction limits before any wallet creation or funding.

What this means

Over-scoped or wrong-environment credentials could let the agent act on real provider accounts or source funds when the user expected a limited setup.

Why it was flagged

The workflow requires provider API credentials and access to a funded source wallet, but the artifacts do not define credential names, scopes, funding authority, or environment separation.

Skill content

Provision: Create the wallet via the selected provider's API ... `PROVIDER_AUTH_FAILED` ... "Check API keys." ... `FUNDING_FAILED` ... "Insufficient source balance."

Recommendation

Declare required credentials and scopes, separate development and production keys, use least-privilege funding accounts, and require confirmation before using any credential or source wallet.

What this means

Provider credentials, wallet configuration, chain selections, and funding authority may be passed to another agent with unclear boundaries.

Why it was flagged

All sensitive wallet provisioning, policy configuration, and funding are delegated to a subagent whose implementation, permissions, data handling, and outputs are not included in the artifacts.

Skill content

allowed-tools: [Task(subagent_type:wallet-provisioner)] ... The agent internally handles all provisioning steps and returns the final wallet configuration.

Recommendation

Include and review the wallet-provisioner subagent, define a strict input/output schema, prohibit secret leakage in results, and gate high-impact actions with explicit user approval.

What this means

Future changes to the branch could alter what is installed compared with the reviewed artifacts.

Why it was flagged

The documented install path pulls from a mutable GitHub branch via npx; this is a common install pattern, but it does not pin the exact code revision.

Skill content

npx skills add https://github.com/wpank/Agentic-Uniswap/tree/main/.ai/skills/setup-agent-wallet

Recommendation

Prefer a pinned release or commit and verify the source before installing, especially for a skill that coordinates wallet and funding operations.