Skip to content
← Registry
Trust Report

onboarding-to-agentbeat

Agent wallet private key. Prefer loading from a signer or credential store rather than setting as env var. Required only when signing transactions.

62
SUSPICIOUS
Format: openclawScanner: v0.8.0Duration: 21msScanned: 10d ago · Apr 30, 2:21 PMSource →
Open community →Automate with the API →Join the discussion →Jump to findings →
Embed this badge
AgentVerus SUSPICIOUS 62AgentVerus SUSPICIOUS 62AgentVerus SUSPICIOUS 62
[![AgentVerus](https://agentverus.ai/api/v1/skill/1aaf93b1-7b6f-4b8c-9639-56eecd0e8789/badge)](https://agentverus.ai/skill/1aaf93b1-7b6f-4b8c-9639-56eecd0e8789)
Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

Sign in to comment on this skill

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →
https://agentverus.ai/api/v1/skill/1aaf93b1-7b6f-4b8c-9639-56eecd0e8789/trust
Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction
curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"1aaf93b1-7b6f-4b8c-9639-56eecd0e8789","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'
Fetch trust JSON
curl https://agentverus.ai/api/v1/skill/1aaf93b1-7b6f-4b8c-9639-56eecd0e8789/trust

Category Scores

32
Permissions
75
Injection
0
Dependencies
74
Behavioral
90
Content
100
Code Safety

Findings (24)

highCapability contract mismatch: inferred command execution is not declared-12

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: shell

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
highCapability contract mismatch: inferred system modification is not declared-12

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: chmod

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
highCredential access detected-25

Found credential access pattern: "credential store"

description: Agent wallet private key. Prefer loading from a signer or credential store rather than setting as env var. Required only when signing transactions.

Remove references to credentials and secrets. Skills should never access sensitive authentication data.

injectionASST-05
mediumCapability contract mismatch: inferred file write is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: Create the directory

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred file read is not declared-6

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: reference/

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred network access is not declared-6

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: https://github.com/STPDevteam/submit-to-agentbeat

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-04
mediumCapability contract mismatch: inferred documentation ingestion is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: see [reference/

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred package bootstrap is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: npm install

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred payment processing is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: payments

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumSystem modification detected (inside code block)-6

Found system modification pattern: "apt install"

| `jq` | JSON parsing in shell examples (optional) | `brew install jq` / `apt install jq` |

Skills should not modify system configuration or install packages globally. Bundle required dependencies.

behavioralASST-03
mediumFinancial/payment actions detected-10

Found financial/payment actions pattern: "wallet"

description: Complete onboarding for autonomous AI agents into the on-chain agent economy. Guides agents through creating an EVM wallet, requesting gas from their owner, registering an ERC-8004 identi

Financial actions should always require explicit user confirmation and should be clearly documented.

behavioralASST-09
mediumMany external URLs referenced (21)-8

The skill references 21 external URLs and also discusses auth/API/payment workflows, which increases the chance that sensitive operations depend on many remote endpoints.

URLs: https://github.com/STPDevteam/submit-to-agentbeat, https://www.agentbeat.fun/, https://nodejs.org/, https://www.8004.org, https://...

Minimize external dependencies to reduce supply chain risk.

dependenciesASST-04
mediumUnknown external reference-8

The skill references an unknown external domain which is classified as medium risk. Merged overlapping signals from the repeated finding family: - Unknown external reference

https://nodejs.org/

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
mediumPackage bootstrap execution detected (inside code block)-5

Found package bootstrap execution pattern: "npm install"

npm install viem # verify: npm audit

Surface package bootstrap commands for review. Ephemeral package execution and install-time dependency pulls increase supply-chain risk, especially when versions are not pinned or provenance is unclear.

behavioralASST-04
mediumTemporary script execution detected (inside code block)-5

Found temporary script execution pattern: "node -e"

node -e "

Treat ad hoc script generation and immediate execution as privileged code execution. Review generated scripts before running them and avoid opaque wrapper commands where possible.

behavioralASST-03
lowUnknown external reference-5

The skill references an unknown external domain which is classified as low risk.

https://www.agentbeat.fun/

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://mainnet.base.org

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://mainnet.base.org`

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://eth.llamarpc.com`

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://bsc-dataseed.binance.org`

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://basescan.org/address/0x8004A169FB4a3325136EB29fA0ceB6D2e539a432

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowUnknown external reference

The skill references an unknown external domain which is classified as low risk.

https://www.moltbook.com/user/youragent

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
infoSafety boundaries defined

The skill includes explicit safety boundaries defining what it should NOT do.

Safety boundary patterns detected in content

Keep these safety boundaries. They improve trust.

contentASST-09