Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
4Claw Mint
v1.0.0 · Mint 4Claw tokens on BSC through OpenClaw agents. Each agent can mint 100 tokens every 15 minutes. Use when the user wants to mint 4Claw tokens, check mint s...
⭐ 0 · 379 · 0 current · 0 all-time
by Xiaoyu@xiaoyu022025
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill's name and code (mint.js and server.js) match the stated purpose of minting 4Claw tokens on BSC. However, the SKILL metadata declares no required credentials or secrets, even though the included signer server requires a SIGNER_PRIVATE_KEY and CONTRACT_ADDRESS. The mint script also defaults to a hard-coded remote SERVER_URL (http://43.160.201.224:3456), which is not justified by the metadata or documentation.
Instruction Scope
The runtime instructions ask agents to run node scripts/mint.js with the agent's wallet private key (reasonable for sending the transaction locally). But the mint script will POST the agent wallet address to a default external IP-based signer service (43.160.201.224). That server will learn which agent wallets are minting and can return arbitrary contract info and signatures. The SKILL.md does note that you can run your own signer, but the default points to an external server the user likely does not control, which is a privacy and operational risk.
Install Mechanism
There is no install specification (instruction-only plus included scripts). Nothing is automatically downloaded or installed by the registry; the code is provided in the skill bundle. This is lower risk than arbitrary remote installs.
Credentials
The skill metadata does not declare any required environment variables or primary credential, yet scripts/server.js clearly requires SIGNER_PRIVATE_KEY and CONTRACT_ADDRESS to run. That mismatch is a red flag: sensitive credentials are necessary to operate the signer but are not advertised in the skill manifest. Also, the default SERVER_URL points to a third-party IP; if the skill is used with that remote signer, it would collect agent wallet addresses and mint timing (a privacy leak).
Persistence & Privilege
The skill does not request always:true, does not create persistent system-wide configuration, and does not alter other skills. It runs as-invoked and requires explicit execution by agents.
What to consider before installing
This skill implements the advertised minting flow, but it has two practical risks you should consider before installing or running it:
- Default remote signer: The mint script defaults to http://43.160.201.224:3456. If you run the mint command without specifying a different SERVER_URL, your agent will contact that external server and reveal its wallet address and mint activity. Only use a remote signer you trust. Prefer running your own signer service (scripts/server.js) under your control.
- Undeclared sensitive env vars: The signer requires SIGNER_PRIVATE_KEY and CONTRACT_ADDRESS but the skill metadata doesn't declare these. If you deploy the signer, keep SIGNER_PRIVATE_KEY secret; anyone with it can sign mint authorizations.
Practical recommendations:
- Do not pass your private key to any third party. The mint.js script accepts your agent wallet private key as a CLI argument; run it locally and do not share that key.
- If you want to use this skill, host the signer yourself: set SIGNER_PRIVATE_KEY and CONTRACT_ADDRESS, run server.js on infrastructure you control, and call mint.js with SERVER_URL pointing to your signer.
- Verify the contract address and contract source independently (the SKILL.md lists a contract, but remote signers can return arbitrary contract addresses). Ensure the signer is configured to sign only for the intended contract and chain.
- If you cannot host your own signer or fully trust the default remote IP, do not use this skill. The behavior (external signer, undeclared secrets) is inconsistent with safe defaults.
Like a lobster shell, security has layers — review code before you run it.
latest: vk9729rwnzb3tnjn1bwr6wq5x1h81vt8k
