4Claw Mint
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its token-minting purpose, but it asks for raw blockchain private keys and sends real BSC transactions through an unauthenticated HTTP signer that can choose the target contract.
Review carefully before installing. Do not use a main wallet private key; use a dedicated low-balance wallet if you test it. Verify the 4Claw contract address independently, avoid the default unauthenticated HTTP signer unless you trust it, and do not run the signer service publicly without authentication and rate limiting.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1
Impact: If the private key is exposed or misused, the wallet's funds and on-chain authority could be at risk; even normal use spends BNB for gas.
Details: The skill requires raw wallet private-key authority capable of signing BSC transactions and spending gas. That is high-impact credential use, and the registry metadata declares no primary credential or required env vars.
Evidence:
  node scripts/mint.js <PRIVATE_KEY> <SERVER_URL> ...
  PRIVATE_KEY: Agent's BSC wallet private key (needs small BNB for gas)
Recommendation: Use a dedicated low-balance burner wallet, avoid passing raw private keys on the command line, declare the credential requirement clearly, and require explicit user approval for each transaction.

Finding 2
Impact: A changed, compromised, or impersonated signer service could cause the wallet to send a transaction to an unexpected contract and waste gas or interact with unintended on-chain code.
Details: The mint script defaults to an HTTP signer service and uses the contract address returned by that service, rather than verifying it against the fixed contract address documented in SKILL.md.
Evidence:
  const SERVER_URL = process.argv[3] || "http://43.160.201.224:3456";
  ...
  const { nonce, deadline, signature, contract } = sigRes.data;
  ...
  const fourClaw = new ethers.Contract(contract, CONTRACT_ABI, wallet);
Recommendation: Pin and validate the expected contract address and chain ID before sending any transaction, use HTTPS or another authenticated channel, and show transaction details for user confirmation.

Finding 3
Impact: Deployers may believe minting is restricted to OpenClaw agents, but anyone who can reach the service can request signatures for arbitrary wallet addresses and potentially abuse or grief the mint flow.
Details: The signer service validates only that the supplied wallet address is syntactically valid and then signs a mint authorization; it does not verify OpenClaw agent identity or wallet ownership, despite the skill saying only OpenClaw agents can mint.
Evidence:
  const { wallet_address } = await parseBody(req);
  ...
  if (!wallet_address || !ethers.isAddress(wallet_address)) ...
  const signature = await signer.signMessage(...);
  ...
  "Access-Control-Allow-Origin": "*"
Recommendation: Add authentication, wallet-ownership proof, OpenClaw agent attestation, and rate limits, or clearly document that the signer endpoint is public.

Finding 4
Impact: Users may need to install undeclared dependencies manually, which increases setup uncertainty and supply-chain risk.
Details: The package includes runnable JavaScript files, but the metadata provides no install spec, dependency declaration, lockfile, required Node binary, or source homepage.
Evidence:
  Install specifications: No install spec — this is an instruction-only skill.
  Code file presence: 2 code file(s): scripts/mint.js ... scripts/server.js
Recommendation: Provide a package manifest and lockfile, declare Node.js and ethers requirements, and publish a source repository or provenance information.
