Test skill for static scan validation. Manages agentic wallets via the caw CLI.
Security Analysis
medium confidenceThe instructions claim to manage agentic wallets via the 'caw' CLI, but the skill declares no required binaries or credentials — that mismatch is unexplained and worth caution.
The description and SKILL.md explicitly refer to running the 'caw' CLI (e.g., `caw wallet balance`) and performing on-chain operations. However the registry metadata lists no required binaries and no environment variables/credentials. Managing wallets via a CLI typically requires the CLI binary and authentication (keys, config files, or environment credentials). The lack of declared binaries/creds is disproportionate to the stated purpose.
The SKILL.md focuses on wallet operations, safety checks, and explicit owner approval; it does not instruct the agent to read unrelated system files or exfiltrate arbitrary data. However it implicitly assumes access to the 'caw' CLI and whatever auth that CLI needs — the skill does not explain how those credentials/configs are obtained or protected.
There is no install spec and no code files (instruction-only). That minimizes direct install risk because nothing is downloaded or written by the skill itself.
No environment variables or primary credential are declared, yet the runtime behavior (on-chain wallet operations) would normally require credentials, keys, or local config access. This gap could be benign (omission) or indicate the skill expects credentials to be provided out-of-band — either way, the requested environment/credential surface is not documented and is therefore suspicious.
always is false and the skill is user-invocable; it does not request persistent presence or system-wide configuration changes. No indications it modifies other skills or agent settings.
Guidance
This skill appears coherent in purpose (wallet management with safety checks) but omits key operational details. Before installing or using it: 1) Confirm whether the 'caw' CLI is required and, if so, which exact binary/version and install method are expected. 2) Ask the author how credentials (private keys, API tokens, or local config files) are supplied and protected — the skill should declare required env vars or config paths. 3) Do not point the skill at a real high-value wallet until you verify behavior; test with a sandbox/testnet wallet and small amounts. 4) Require explicit owner approval flows in practice and audit any submitted pacts/transactions. 5) If you can't obtain clear answers about binaries and credential handling, treat the skill as unsafe to grant wallet access.
Latest Release
v1.0.1
Version 1.0.1 of cobo-agentic-wallet-test refines skill behavior and safety for agentic wallet operations. - Clarified operating principles: proactive, precise, and bounded authority. - Detailed stepwise guidance for on-chain actions, including balance checks and explicit approval requirements. - Expanded safety checklist to prevent operations from untrusted sources and prompt injection attacks. - Explicit guidelines on when to pause and seek owner approval. - Clearly defined agent limitations for security and compliance.
Popular Skills
Published by @pengjunquan-l on ClawHub
