Scout

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: scout
Version: 1.0.2

The skill bundle is classified as suspicious because of its inherently high-risk capabilities, specifically the handling of a `SCOUT_PRIVATE_KEY` for initiating on-chain USDC transactions via `scripts/safe-pay.js` and `scripts/lib/usdc.js`. These actions are explicitly aligned with the stated purpose of 'trust-gated USDC payments', but direct management of a private key and execution of financial transactions is a significant risk in itself: a leaked or misused key can move funds. The skill also makes extensive external network calls to blockchain explorers (e.g., `api-sepolia.basescan.org`, `api.etherscan.io`) and to the Moltbook API (`moltbook.com`) for data collection and analysis; these are needed for its functionality but broaden its attack surface. There is no clear evidence in `SKILL.md` of intentional malicious behavior such as unauthorized data exfiltration, persistence, or prompt injection against the OpenClaw agent.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the user supplies these keys, the local scripts may access Moltbook account functions and, for payment flows, sign wallet transactions.

Why it was flagged

The skill discloses use of an API key and wallet private key for local scripts. This is expected for Moltbook access and payment functionality, but these credentials grant sensitive account/payment authority.

Skill content
Variable | Required | Description
`MOLTBOOK_API_KEY` | Yes | Moltbook API key ...
`SCOUT_PRIVATE_KEY` | For payments | Wallet key (Base Sepolia)
Recommendation

Use a dedicated Moltbook key and a low-balance/testnet wallet key; avoid using a wallet with valuable funds; revoke or rotate credentials after testing.

What this means

Running the payment script without `--dry-run` can authorize a real USDC transfer to the specified address.

Why it was flagged

The skill includes a user-directed USDC payment helper. This fits the stated trust-gated payment purpose, but non-dry-run use can move funds and should require careful user verification.

Skill content
node scripts/safe-pay.js --agent <name> --to <address> --amount <usdc> --task "desc" [--dry-run]
Recommendation

Run with --dry-run first, verify the recipient, amount, network, and agent score, and only execute a real payment with explicit user approval.
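As an added example (not code from the scout skill or its `safe-pay.js`), the checks that this recommendation and the earlier credential recommendation describe, written as a Node.js pre-flight guard: it validates the recipient, converts the amount to USDC base units without floating point, confirms the wallet is connected to Base Sepolia rather than a mainnet, enforces a minimum agent score, and only returns "broadcast" when the checks pass, `--dry-run` is off and the user has explicitly approved. The Base Sepolia chain ID (84532) and USDC's 6 decimals are facts; the `policy` shape, the score scale, the per-payment cap and the function names are assumptions, and nothing in the block signs or sends a transaction.

```javascript
// Added example, not part of the scout skill: pre-flight checks for a
// user-directed USDC payment. Nothing here signs or broadcasts anything.

const BASE_SEPOLIA_CHAIN_ID = 84532; // Base Sepolia chain ID
const USDC_DECIMALS = 6;             // USDC is a 6-decimal token
const ZERO_ADDRESS = '0x' + '0'.repeat(40);

// Convert a human amount such as "1.50" to integer base units (1500000n)
// with string arithmetic, so no float rounding; more than 6 decimals or
// any non-numeric input is rejected.
function parseUsdcAmount(text) {
  const m = /^(\d+)(?:\.(\d{1,6}))?$/.exec(String(text).trim());
  if (!m) throw new Error(`invalid USDC amount: ${JSON.stringify(text)}`);
  const whole = BigInt(m[1]);
  const frac = BigInt((m[2] || '').padEnd(USDC_DECIMALS, '0'));
  return whole * 10n ** BigInt(USDC_DECIMALS) + frac;
}

// Syntactic address check only (20 bytes of hex). EIP-55 checksum
// verification needs keccak-256, which Node's crypto module does not ship.
function isHexAddress(addr) {
  return typeof addr === 'string' && /^0x[0-9a-fA-F]{40}$/.test(addr);
}

// Evaluate the payment inputs against an operator policy (assumed shape:
// expectedChainId, maxUnits as a BigInt, minScore). `chainId` is the chain
// the wallet/RPC is actually connected to; `agentScore` is the trust score
// the skill computed for the payee agent (scale assumed 0-100).
function preflight({ to, amount, task, agentScore, chainId, dryRun }, policy) {
  const problems = [];
  if (!isHexAddress(to)) problems.push('recipient is not a 20-byte hex address');
  else if (to.toLowerCase() === ZERO_ADDRESS) problems.push('recipient is the zero address');
  if (chainId !== policy.expectedChainId) {
    problems.push(`connected to chain ${chainId}, expected ${policy.expectedChainId}`);
  }
  let units = null;
  try { units = parseUsdcAmount(amount); } catch (e) { problems.push(e.message); }
  if (units !== null) {
    if (units === 0n) problems.push('amount must be positive');
    if (units > policy.maxUnits) problems.push(`amount ${units} exceeds cap of ${policy.maxUnits} base units`);
  }
  if (typeof agentScore !== 'number' || agentScore < policy.minScore) {
    problems.push(`agent score ${agentScore} is below the minimum ${policy.minScore}`);
  }
  if (typeof task !== 'string' || !task.trim()) problems.push('task description is empty');
  if (problems.length) return { ok: false, problems };
  return { ok: true, problems, plan: { to, units, chainId, task: task.trim(), dryRun: Boolean(dryRun) } };
}

// The only path to a real transfer: checks passed, not a dry run, and the
// user answered the approval prompt with the literal token "yes".
function shouldBroadcast(result, approval) {
  return result.ok === true && result.plan.dryRun === false && approval === 'yes';
}

// Demo with constructed inputs.
const demoPolicy = { expectedChainId: BASE_SEPOLIA_CHAIN_ID, maxUnits: 25n * 10n ** 6n, minScore: 70 };
const demoResult = preflight(
  { to: '0x' + 'ab'.repeat(20), amount: '1.50', task: 'review PR', agentScore: 82, chainId: 84532, dryRun: true },
  demoPolicy,
);
console.log(JSON.stringify(demoResult, (k, v) => (typeof v === 'bigint' ? v.toString() : v), 2));
console.log('broadcast?', shouldBroadcast(demoResult, 'yes')); // dry run: never
```

The chain check is what turns "use a testnet wallet" into something enforceable: a key pointed at a mainnet RPC fails pre-flight before any amount is considered.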

What this means

If run, the bot can process incoming DMs and send trust-report replies from the configured Moltbook account.

Why it was flagged

The DM bot reads Moltbook DM activity and sends replies in conversations. This is disclosed by the dm-bot description and purpose-aligned, but it handles private messages and sends automated account responses.

Skill content
const check = await this.client._request('/agents/dm/check'); ... await this._post(`/agents/dm/conversations/${convo.id}/send`, { message: reply });
Recommendation

Run the DM bot only on an intended account, monitor its replies, and avoid giving it an API key for an account where automated DM responses would be unsafe.
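One way to put this recommendation into code, as an added example that is not the scout skill's own dm-bot: a policy layer in front of the outbound send. Incoming DM text is matched against a strict request pattern instead of being passed to a template or model (so a message that tries to instruct the bot is ignored, not interpreted), replies are tied to one intended account, each conversation gets an hourly reply budget, and every decision is recorded so the operator can monitor what was sent. The request syntax, the budget, and the `reportFn`/`sendFn` shapes are assumptions; the `/agents/dm/...` endpoints named in the skill content are only referenced in a comment.

```javascript
// Added example, not the scout skill's own dm-bot code: a policy layer in
// front of the outbound DM send.

// Only "check <agent>" (optionally with a leading @) is treated as a request.
// Anything else, including text phrased as instructions to the bot, is
// recorded and ignored rather than interpreted.
const REQUEST_PATTERN = /^\s*check\s+@?([a-z0-9_-]{1,32})\s*$/i;

function parseRequest(text) {
  const m = REQUEST_PATTERN.exec(String(text ?? ''));
  return m ? { agent: m[1].toLowerCase() } : null;
}

class ReplyGuard {
  // allowedAccount: the one Moltbook account the bot may answer from.
  // reportFn(agent): produces the trust-report text (the skill's job; a
  // stub in the demo below). now(): injectable clock, for tests.
  constructor({ allowedAccount, reportFn, maxPerHour = 5, now = () => Date.now() }) {
    this.allowedAccount = allowedAccount;
    this.reportFn = reportFn;
    this.maxPerHour = maxPerHour;
    this.now = now;
    this.sent = new Map(); // convoId -> timestamps (ms) of replies sent
    this.audit = [];       // every decision, sent or not
  }

  // Number of replies sent to this conversation in the last hour.
  recentCount(convoId) {
    const cutoff = this.now() - 3600 * 1000;
    const times = (this.sent.get(convoId) || []).filter(t => t > cutoff);
    this.sent.set(convoId, times);
    return times.length;
  }

  // Pure policy decision for one inbound DM; returns the audit entry.
  decide({ account, convoId, text }) {
    const req = parseRequest(text);
    let reason = null;
    if (account !== this.allowedAccount) reason = `account "${account}" is not the intended bot account`;
    else if (!req) reason = 'message does not match the "check <agent>" pattern';
    else if (this.recentCount(convoId) >= this.maxPerHour) reason = 'per-conversation reply budget exhausted';
    const entry = { at: this.now(), convoId, account, send: reason === null, reason };
    if (entry.send) {
      entry.message = this.reportFn(req.agent);
      this.sent.get(convoId).push(entry.at);
    }
    this.audit.push(entry);
    return entry;
  }

  // Apply the decision with the caller's send function, e.g. a wrapper around
  // the skill's POST to /agents/dm/conversations/<id>/send (assumed shape).
  async dispatch(dm, sendFn) {
    const entry = this.decide(dm);
    if (entry.send) await sendFn(dm.convoId, entry.message);
    return entry;
  }
}

// Demo with a constructed inbound DM and a fake sender.
const demoGuard = new ReplyGuard({
  allowedAccount: 'scout-bot',
  reportFn: agent => `Trust report for ${agent}: (report body)`,
});
demoGuard
  .dispatch({ account: 'scout-bot', convoId: 'demo', text: 'check @alice' }, async (id, msg) => console.log(`-> ${id}: ${msg}`))
  .then(() => console.log(demoGuard.audit));
```

Keeping `decide` free of I/O is deliberate: the audit log is the artifact the operator reviews, and the policy can be tested without a Moltbook key at all.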