
      Safety Report

      Farcaster Agent

      @rishavmukherji

      Create Farcaster accounts and post casts autonomously. Official skill from the Farcaster team.

      2,282 downloads
      6 installs
      8 stars
      4 versions
      Categories: Social Media (1,367) · DevOps & Infrastructure (1,045)

      Security Analysis

      Confidence: medium
      Verdict: Suspicious (risk score 0.08)

      The skill's stated purpose (creating Farcaster accounts) is plausible, but the runtime instructions reference local code files that are not included, use sensitive environment variables (private keys) that are not declared, and instruct saving plaintext credentials and running npm install in a parent directory — these inconsistencies and data-handling choices warrant caution and verification before installing or funding any wallet.

      Feb 11, 2026 · 1 file · 5 concerns

      Purpose & Capability (note)

      Creating wallets, registering FIDs, and posting casts legitimately requires wallet private keys and blockchain fees; asking for ~$1 of ETH/USDC to fund a wallet is consistent with that purpose. However, the skill's metadata declares no required env vars or credentials, while the SKILL.md repeatedly instructs use of the PRIVATE_KEY, SIGNER_PRIVATE_KEY, and FID environment variables — a mismatch. The skill also claims to auto-handle bridging/swaps and to run scripts under src/, but no code files are included in the skill bundle, which is inconsistent with the claimed capabilities.

      Instruction Scope (concern)

      The SKILL.md instructs the agent/user to generate and provide private keys via environment variables and to run node scripts (e.g., src/auto-setup.js, src/post-cast.js) that are not present in the package. It instructs automatic saving of credentials to ~/.openclaw/farcaster-credentials.json or ./credentials.json in plain text and shows CLI usage patterns that would expose secrets. Instructions also direct the user to transfer real funds to addresses the skill generates. Storing private keys in plain text and executing unspecified scripts are high-risk behaviors and exceed what a simple helper should require.

      Install Mechanism (concern)

      The only install step is a shell npm install run in {baseDir}/.. — this will run whatever package.json exists in the parent directory, potentially executing arbitrary lifecycle scripts (preinstall/postinstall). Because the skill bundle contains no code, the npm install target is unclear (and may rely on an external repository structure). Running npm install without an included, auditable package is risky.

      Credentials (concern)

      The skill declares no required environment variables yet the instructions expect sensitive vars (PRIVATE_KEY, SIGNER_PRIVATE_KEY, FID). It also instructs saving these secrets in plaintext files. Requesting private keys is proportional to the described blockchain operations, but not declaring them in metadata and recommending plaintext persistence is a poor security design and a red flag.

      Persistence & Privilege (note)

      The skill is not marked always:true and does not request elevated platform privileges. However, it instructs writing persistent credential files to user paths (~/.openclaw/farcaster-credentials.json or ./credentials.json). While saving credentials for convenience can be normal, the combination of plaintext storage and absent included code increases the risk if the user does not audit where and how keys are stored.

      Guidance

      Do not send real funds or hand over your primary private key until you verify the code and origin. Specific steps to consider:

      - The SKILL.md references node scripts under src/ but the skill bundle contains no code; ask the publisher for the repository URL or source code and inspect it before running anything.
      - Inspect package.json and all scripts (including postinstall) in the codebase that npm install would run; avoid running npm install blindly in an unverified directory.
      - Use a throwaway/ephemeral wallet with a small test amount (e.g., <$1) when experimenting — never use your primary wallet.
      - Prefer the --no-save option and do not allow plaintext credential files; if you must persist keys, use an encrypted key manager or a hardware wallet.
      - Verify the skill's publisher and homepage (none are provided). An "Official" claim here is unsupported by source or homepage metadata; ask for provenance (signed release, GitHub org, or official announcement).
      - If you proceed, run all actions in an isolated environment (VM or container) and monitor network/file activity.

      If you are not comfortable auditing JS code, decline or seek a developer to review it. These inconsistencies and missing artifacts make this skill suspicious — verify source code and storage behavior before installing or funding any wallet.

      Latest Release

      v1.2.0

      Add full API endpoint documentation with methods and descriptions


      Published by @rishavmukherji on ClawHub
