ens-manager
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill matches its ENS purpose, but it gives an agent wallet-key access and mainnet transaction ability that can spend ETH or permanently change ENS records without strong built-in approval limits.
Install only if you are comfortable letting the agent work with Ethereum wallet credentials and mainnet ENS transactions. Use a fresh low-balance wallet, run dry-runs first, manually confirm every paid transaction, verify the name/duration/cost, and do not paste raw private keys or passwords into commands that may be stored in shell history.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent mishandles the wallet key, or the key is captured in shell history, the user could lose control of funds or have unwanted ENS transactions signed.
The skill tells agents how to provide raw Ethereum private keys, including a direct CLI option that the docs themselves identify as exposing the key in shell history. A wallet private key can authorize spending all funds in that wallet, and the registry metadata does not declare a primary credential.
export WALLET_PRIVATE_KEY="0x1234..." ... --private-key "0x1234..." ... "⚠️ Warning: Exposes key in shell history."
Use a dedicated low-balance wallet, avoid direct private-key or password command-line arguments, prefer manual wallet approval where possible, and require the skill metadata to declare wallet credentials clearly.
A mistaken or overly autonomous invocation could spend ETH, register the wrong name or duration, or make public ENS changes that are not refundable.
The script performs a payable ENS registrar contract write on Ethereum mainnet. The docs provide dry-run examples, but the executable flow does not show an additional confirmation, spending cap, or user-approval checkpoint before submitting the paid transaction.
functionName: 'register', ... args: [name, owner, duration, secret, resolver, [], true, 0], value: price
Require an explicit user confirmation before every non-dry-run transaction, display the exact name, duration, total ETH cost, gas estimate, and wallet address, and enforce user-configurable max-spend limits.
Users depend on the integrity of npm packages and the local dependency resolution at install time.
External npm dependencies are expected for Ethereum and IPFS functionality, but the install guidance relies on live npm resolution and the registry metadata shows no install spec or source homepage.
cd scripts/
npm install viem
npm install content-hash
Install from a trusted source, review package.json and package-lock.json if available, pin dependency versions, and avoid running npm update automatically in environments that hold wallet credentials.
