Ethereum EIP-4337 smart contract wallet designed for AI agents. Use this skill whenever the user wants to manage Ethereum accounts, check balances, send ETH/...
Security Analysis
medium confidence

The skill's declared purpose (an Elytro Ethereum wallet) mostly matches its instructions, but there are some incoherent or under-specified details (install metadata vs registry, enforced Telegram-specific UI/callbacks, and no discussion of key storage) that merit caution before installing.
The name/description (EIP-4337 smart contract wallet) align with the runtime commands (calls to an elytro CLI such as `elytro account list`, `elytro tx send`, etc.). Requesting the `elytro` binary is appropriate. Minor inconsistency: the registry lists no install spec, but the SKILL.md frontmatter and text recommend installing `@elytro/cli` via npm and require Node >=24 — the registry metadata and SKILL.md disagree about whether installation is handled for the user.
The instructions mandate using Telegram Inline Buttons and a specific callback_data naming scheme for all confirmations and navigation. That is a strong UI/platform requirement that is not declared elsewhere (no required messaging credentials or platform integration described). The SKILL.md also directs the agent to run CLI commands 'silently in the background' and to never accept text confirmations — this enforces a particular integration pattern and automated callbacks, which increases risk if the environment doesn't actually support safe button handling. The skill does not describe how it expects private keys to be managed (local key files, hardware wallet, remote signer), though the CLI will likely access wallet material; that omission is important.
This is instruction-only (no code files). The SKILL.md suggests installing the official CLI via npm (`npm install -g @elytro/cli`) which is a traceable install mechanism if you verify the package and repository. The registry's top-level install spec is absent, producing a mild inconsistency: the agent/installer may not automatically install the required binary. No arbitrary download URLs or archive extraction are present in the skill files themselves.
The skill declares no required environment variables or credentials, which superficially looks safe. However, the elytro CLI will likely need access to private key material or a signer; the SKILL.md does not state how keys are provided or protected. Because the skill enforces automated actions and callback-driven approvals, there is a risk that transaction-signing credentials available to the CLI could be used without clear documentation of consent boundaries. No unrelated secrets are requested by the skill itself, but the lack of key-management guidance is a notable gap.
The skill is not always-enabled and allows model invocation (default), which is normal. The SKILL.md's callback_data conventions and emphasis on automated Inline Button flows enable programmatic triggering of actions across agents — combined with CLI access to wallets this increases the blast radius, but the skill does not request persistent system-level privileges or manipulate other skills' configs. Overall, no elevated platform-level privileges are requested, but the operational design encourages automation that a user should evaluate carefully.
Guidance
This skill appears to implement an Elytro wallet CLI workflow, but proceed cautiously. Before installing or enabling it:

1) Verify the CLI source — inspect the npm package `@elytro/cli` and the GitHub repo linked in the SKILL.md to confirm authorship and check for malicious code.
2) Confirm how private keys/signers are stored and accessed on your system (local keystore, hardware wallet, remote signer). Do not expose private keys or signing credentials to the agent or CLI unless you understand the storage and consent model.
3) Ensure your environment supports the required Telegram Inline Button UX or be prepared to adapt the skill — the SKILL.md enforces Telegram-specific callback patterns but the skill does not declare messaging credentials.
4) Because the registry lacks an install spec but the SKILL.md suggests npm install, prefer manual installation and audit the CLI before granting it execution rights.
5) If you plan to allow autonomous agent invocation, limit agent scope and monitor operations (transactions, account activation) until you are confident in the integration.

If you want, provide the npm/GitHub package details and how you host keys and I can point out exact files or commands to inspect for risky behavior.
Latest Release
v0.1.1
**Major upgrade with new Telegram Inline Button UI and Uniswap swap support.**

- Adds Uniswap swap support; integrates with the swap-planner skill for token swaps via the wallet.
- Overhauls the user interaction model: all confirmations and list selections must use Telegram Inline Buttons (no text prompts).
- Introduces a detailed Navigation Flow Map specifying button-based menus for all actions, including Main Menu, account selection, security, and settings.
- Mandates Inline Button conventions and callback_data naming schemes for seamless multi-agent workflows.
- On ambiguous wallet intent, immediately displays Main Menu (via buttons) instead of asking user what to do.
Published by @jayden-sudo on ClawHub