ClawAudit verdict
agent-dev-toolkit
agent-dev-toolkit-cahdieng
The bundled 'Agent Wallet' component enables autonomous EVM-chain cryptocurrency transactions, real DeFi protocol interactions, and multi-chain asset management without explicit per-transaction user approval, representing elevated financial risk beyond typical dev tooling.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Permission integrity
package_install
Findings (8)
Prompt injection — tries to override agent instructions
dependencies/agent-docs/references/advanced-patterns.md · code · Ignore previous instructions
References agent memory files
dependencies/agent-builder/references/templates.md · code · MEMORY.md
Accesses OpenClaw config/secrets directly
dependencies/agent-builder/references/openclaw-workspace.md · prose · downgraded · ~/.openclaw/openclaw.json
Accesses shell history/config
dependencies/agent-development/rules/agent-memory-limits.md · prose · downgraded · ~/.zshrc
Instructs covert action — may act without user awareness
dependencies/agent-development/rules/custom-agent-instructions.md · prose · downgraded · silently
Accesses sensitive environment variables
dependencies/agent-docs/references/advanced-patterns.md · code · process.env.API_KEY
Makes HTTP request to external URL
dependencies/agent-development/rules/agent-pattern.md · code · fetch('https://
References agent configuration files
dependencies/agent-docs/SKILL.md · prose · downgraded · CLAUDE.md
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class A/B). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
Requires 1 system binary.
package_install Is this flag fair?
Thanks — recorded.