The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill requires managing sensitive private keys and mnemonic phrases via environment variables (e.g., $ETH_PRIVATE_KEY), which can be exposed if the local environment is compromised.
[DATA_EXFILTRATION]: The core integration logic involves sending unencrypted private keys to a remote server (https://api.openclaw.com/api/v1/wallet/connect). This is a critical security anti-pattern in blockchain applications, as it grants a third-party service full control over user assets.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'openclaw-blockchain' Python package. It also references well-known infrastructure providers such as Infura for blockchain RPC connectivity.
[COMMAND_EXECUTION]: The skill uses a proprietary 'claw' command-line interface to execute wallet operations, including transaction signing and fund transfers. This provides the agent with the capability to perform irreversible financial actions on the system.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it incorporates external data into its operations. 1. Ingestion points: Data is retrieved from blockchain balance queries and real-time event streams via WebSocket (ws://api.openclaw.com/events). 2. Boundary markers: The skill lacks delimiters or explicit instructions to distinguish between blockchain transaction data and executable commands. 3. Capability inventory: The skill has the ability to send transactions ('claw wallet send'), making it a target for malicious instructions embedded in transaction memos. 4. Sanitization: There is no documented validation or sanitization of data received from the blockchain before it is processed by the model.

wallet-integration