memoclaw

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill requires a private key (MEMOCLAW_PRIVATE_KEY) and includes an explicit example exporting the private key into the shell (export MEMOCLAW_PRIVATE_KEY=0xYourPrivateKey), which encourages embedding a secret verbatim in commands and could lead an LLM to request or output the secret directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly makes HTTPS calls to https://api.memoclaw.com at runtime (e.g., POST /v1/context which returns an "LLM-ready" context block) and the fetched content is intended to be inserted into agent prompts and is required for the skill to function, so this external URL can directly control agent prompts.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly requires a wallet private key (MEMOCLAW_PRIVATE_KEY), uses wallet signatures for auth, and performs on-chain micropayments in USDC on the Base network after the free tier. The CLI/skill automatically handles wallet signature auth and x402 payment flows (includes checking USDC balance, payment-required errors, and sending per-call payments). This is direct crypto/ blockchain payment capability (signing and sending payments), so it grants direct financial execution authority.