Autonomous Wallet

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a high-impact crypto wallet skill that can use private keys and execute irreversible transactions, but its approval boundaries and its external npm supply-chain dependency are not clearly defined.

Review this carefully before installing. If you test it, use a new low-value wallet on a testnet first, pin and inspect the npm package, never provide your main recovery phrase, and require explicit confirmation for every transaction.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the skill, installed package, or agent action is wrong or compromised, funds controlled by that key or recovery phrase could be transferred or approved irreversibly.

Why it was flagged

The skill asks for raw wallet credentials that can authorize blockchain transactions; combined with the wallet execution commands, this grants full control over the wallet's assets.

Skill content

PRIVATE_KEY ... Ethereum private key for wallet operations ... MNEMONIC ... 12/24-word recovery phrase

Recommendation

Do not use a main wallet seed. Use a dedicated low-value wallet or testnet, prefer hardware-wallet or multisig controls, and require explicit approval before every transaction.

What this means

A mistaken or manipulated intent could result in an unintended transfer, swap, staking action, or token approval.

Why it was flagged

The skill exposes natural-language commands that can move funds or grant token allowances, but the artifacts do not define mandatory human approval, recipient allowlists, spending caps by default, or other clear execution boundaries.

Skill content

autonomous-wallet execute "Send 1 ETH to alice.eth" ... autonomous-wallet execute "Approve Uniswap to spend 1000 USDC"

Recommendation

Only run transaction intents after reviewing the exact transaction details, enforce spending limits and simulation, and disable autonomous invocation for real funds unless strong guardrails are added.

What this means

The actual code that receives wallet credentials and signs transactions is outside the reviewed artifacts and could change in future npm releases.

Why it was flagged

The submitted skill contains no runnable code or install spec and relies on a globally installed external npm package with an unpinned version range to handle wallet operations.

Skill content

packages: ... name: openclaw-autonomous-wallet ... source: npm ... version: ">=0.1.0" ... npm install -g openclaw-autonomous-wallet

Recommendation

Pin an exact package version and integrity hash, review the package source before use, install in an isolated environment, and avoid exposing valuable keys to unreviewed code.

What this means

Users may be over-reassured into connecting valuable wallets or mainnet funds before independently verifying the software.

Why it was flagged

The skill makes broad security and privacy assurances, but the reviewed artifacts do not include the wallet implementation needed to verify those claims, and the README describes the project as alpha and not audited.

Skill content

This skill is **safe and verified** ... private keys never leave your device ... No data collection

Recommendation

Treat the safety claims as unverified until the exact code, audit status, package provenance, and key-handling behavior are independently confirmed.