v0.1.0

SushiSwap API

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:21 AM.

Analysis

Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.

Guidance: Before installing, understand that this skill is for SushiSwap quote, price, and transaction-data generation only. It does not appear to contain code or request wallet credentials, but you should verify every generated transaction in your wallet, confirm slippage and fee/referrer settings, and avoid sending unnecessary wallet or trade details. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium, Confidence: High, Status: Note
references/OPENAPI.md
Swap endpoints return **executable transaction data**
  - `tx.to`
  - `tx.data`
  - `tx.value`
  - `tx.gas`

The skill can help construct executable blockchain transaction data. This is central to the stated purpose and no signing authority is requested, but the output can affect user funds if later submitted.

User impact: A user could rely on generated transaction data when making a token swap, so mistakes in tokens, amounts, slippage, recipient, or route could lead to financial loss if the user signs it.
Recommendation: Only generate swap transaction data for explicit user requests, show the user the chain, tokens, amount, recipient, slippage, fees, and target contract, and tell the user to verify details in their wallet before signing.

Tool Misuse and Exploitation
Severity: Low, Confidence: High, Status: Note
SKILL.md
The SushiSwap API supports customized integrator fees on swap-related endpoints ... Swap-related requests follow an **80/20 fee split by default**

The artifacts disclose referrer and fee behavior for swap-related requests. This is purpose-aligned but affects the economics of a swap.

User impact: Swap requests may include referrer or fee-related parameters that can change who receives integrator fees or how swap economics are represented.
Recommendation: Do not add or change fee, fee receiver, or referrer values without clear user or integrator intent, and disclose any fee-related settings before a user acts on a swap.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low, Confidence: High, Status: Note
SKILL.md
Base URL

```
https://api.sushi.com
```

The skill is designed to send requests to an external SushiSwap API. Swap requests described in the schema include parameters such as sender, recipient, tokens, and amount.

User impact: Using the skill can reveal wallet addresses, token pairs, amounts, and trading intent to the SushiSwap API, which is expected for this integration but still privacy-relevant.
Recommendation: Use the documented SushiSwap base URL, avoid sending unnecessary wallet or trade details, and inform users that quote and swap lookups are sent to an external API.