agentwallet

AgentWallet enables AI agents to manage wallets with secure payment signing and referral rewards, streamlining financial transactions.

Install this skill

0/100

Security score

The agentwallet skill was audited on Feb 16, 2026 and we found 42 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 30

Curl to non-GitHub URL

SourceSKILL.md

30	curl -s -X POST "https://frames.ag/api/wallets/USERNAME/actions/x402/fetch" \

medium line 141

Curl to non-GitHub URL

SourceSKILL.md

141	curl -X POST https://frames.ag/api/connect/start \

medium line 149

Curl to non-GitHub URL

SourceSKILL.md

149	curl -X POST https://frames.ag/api/connect/complete \

medium line 167

Curl to non-GitHub URL

SourceSKILL.md

167	curl https://frames.ag/api/wallets/YOUR_USERNAME/referrals \

medium line 193

Curl to non-GitHub URL

SourceSKILL.md

193	curl https://frames.ag/heartbeat.md

medium line 214

Curl to non-GitHub URL

SourceSKILL.md

214	curl https://frames.ag/api/wallets/USERNAME/balances \

medium line 232

Curl to non-GitHub URL

SourceSKILL.md

232	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/transfer" \

medium line 242

Curl to non-GitHub URL

SourceSKILL.md

242	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/transfer-solana" \

medium line 250

Curl to non-GitHub URL

SourceSKILL.md

250	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/contract-call" \

medium line 257

Curl to non-GitHub URL

SourceSKILL.md

257	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/sign-message" \

medium line 265

Curl to non-GitHub URL

SourceSKILL.md

265	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/faucet-sol" \

medium line 334

Curl to non-GitHub URL

SourceSKILL.md

334	curl https://frames.ag/api/wallets/YOUR_USERNAME/policy \

medium line 340

Curl to non-GitHub URL

SourceSKILL.md

340	curl -X PATCH https://frames.ag/api/wallets/YOUR_USERNAME/policy \

medium line 17

Access to hidden dotfiles in home directory

SourceSKILL.md

17	FIRST: Check if already connected by reading `~/.agentwallet/config.json`. If file exists with `apiToken`, you're connected - DO NOT ask user for email.

medium line 103

Access to hidden dotfiles in home directory

SourceSKILL.md

103	Store credentials at `~/.agentwallet/config.json`:

low line 5

External URL reference

SourceSKILL.md

5	homepage: https://frames.ag

low line 6

External URL reference

SourceSKILL.md

6	metadata: {"moltbot":{"category":"finance","api_base":"https://frames.ag/api"},"x402":{"supported":true,"chains":["solana","evm"],"networks":["solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1","solana:5eykt4Us

low line 30

External URL reference

SourceSKILL.md

30	curl -s -X POST "https://frames.ag/api/wallets/USERNAME/actions/x402/fetch" \

low line 33

External URL reference

SourceSKILL.md

33	-d '{"url":"https://enrichx402.com/api/exa/search","method":"POST","body":{"query":"AI agents","numResults":3}}'

low line 135

External URL reference

SourceSKILL.md

135	Web flow: Ask user for email → direct to `https://frames.ag/connect?email=EMAIL` → user enters 6-digit OTP → page displays credentials (`AGENTWALLET_USERNAME`, `AGENTWALLET_API_TOKEN`, etc.). User

low line 141

External URL reference

SourceSKILL.md

141	curl -X POST https://frames.ag/api/connect/start \

low line 149

External URL reference

SourceSKILL.md

149	curl -X POST https://frames.ag/api/connect/complete \

low line 159

External URL reference

SourceSKILL.md

159	Share your referral link: `https://frames.ag/connect?ref=YOUR_USERNAME&email=THEIR_EMAIL`

low line 167

External URL reference

SourceSKILL.md

167	curl https://frames.ag/api/wallets/YOUR_USERNAME/referrals \

low line 175

External URL reference

SourceSKILL.md

175	Public network stats: `GET https://frames.ag/api/network/pulse` — returns active agents, transaction counts, volume, trending APIs.

low line 177

External URL reference

SourceSKILL.md

177	Personal stats (authenticated): `GET https://frames.ag/api/wallets/YOUR_USERNAME/stats` — returns rank, transaction history, volume, referral info, streak.

low line 185

External URL reference

SourceSKILL.md

185	\| SKILL.md (this file) \| `https://frames.ag/skill.md` \|

low line 186

External URL reference

SourceSKILL.md

186	\| HEARTBEAT.md \| `https://frames.ag/heartbeat.md` \|

low line 187

External URL reference

SourceSKILL.md

187	\| package.json (metadata) \| `https://frames.ag/skill.json` \|

low line 193

External URL reference

SourceSKILL.md

193	curl https://frames.ag/heartbeat.md

low line 196

External URL reference

SourceSKILL.md

196	Base URL: `https://frames.ag/api/v1`

low line 204

External URL reference

SourceSKILL.md

204	Check connection (public, no auth): `GET https://frames.ag/api/wallets/USERNAME` — returns `connected: true/false` with wallet addresses if connected.

low line 210

External URL reference

SourceSKILL.md

210	Direct users to `https://frames.ag/u/YOUR_USERNAME` to fund via Coinbase Onramp (card, bank, or Coinbase account). Supports Base (USDC) and Solana (SOL).

low line 214

External URL reference

SourceSKILL.md

214	curl https://frames.ag/api/wallets/USERNAME/balances \

low line 232

External URL reference

SourceSKILL.md

232	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/transfer" \

low line 242

External URL reference

SourceSKILL.md

242	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/transfer-solana" \

low line 250

External URL reference

SourceSKILL.md

250	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/contract-call" \

low line 257

External URL reference

SourceSKILL.md

257	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/sign-message" \

low line 265

External URL reference

SourceSKILL.md

265	curl -X POST "https://frames.ag/api/wallets/USERNAME/actions/faucet-sol" \

low line 326

External URL reference

SourceSKILL.md

326	\| `insufficient_funds` \| Fund wallet at `https://frames.ag/u/USERNAME` \|

low line 334

External URL reference

SourceSKILL.md

334	curl https://frames.ag/api/wallets/YOUR_USERNAME/policy \

low line 340

External URL reference

SourceSKILL.md

340	curl -X PATCH https://frames.ag/api/wallets/YOUR_USERNAME/policy \

Scanned on Feb 16, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorymarketing

UpdatedApril 4, 2026

openclaw api growth-marketer product-marketer business-development sales-operations financial-analyst marketing sales finance accounting

openclaw/skills