gclaw-agent

SUSPICIOUS: the footprint is coherent with a crypto-trading agent, but it is inherently high risk. It enables autonomous real-world financial actions, accepts wallet private keys, executes shell commands, processes untrusted external content, and can install additional skills from arbitrary URLs; the same-org curl|bash installer adds supply-chain risk but is not by itself evidence of malware.

This configuration is high-risk for supply-chain and secret-exfiltration scenarios though it does not itself contain obviously obfuscated or encoded malicious code. The primary dangers are: storing/using a wallet private key in config (enables fund theft), allowing shell commands (curl) and filesystem access (~/gclaw-workspace) that can be combined to exfiltrate secrets, and enabling autonomous, scheduled trading with automatic fund movements. If deployed with proper secret management, strict channel whitelisting, sandboxing of shell/web tools, and human-in-the-loop approvals for trades, risks can be reduced. As-is, treat this configuration as risky for production use and audit runtime controls and secret handling before deployment.