Skill v1.1.0

ClawScan security

Aavegotchi Traits · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 6, 2026, 8:14 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill’s code, instructions, and optional environment variables are coherent with its stated purpose (fetching Aavegotchi data on Base) and do not request unrelated credentials or elevated privileges.
Guidance
This appears to be a straightforward tool for querying Aavegotchi data. Before installing, note: (1) it runs Node scripts and will require npm install to pull standard dependencies from the public npm registry; (2) at runtime it makes network calls to the Base RPC and a Goldsky subgraph (or any RPC/subgraph URL you configure) — if you run it in a sensitive environment be aware of outbound network activity; (3) it does not request any secrets or cloud credentials. If you want extra caution, inspect the included get-gotchi.js and package-lock.json locally or run the scripts in an isolated environment (container) before granting wider access.

Review Dimensions

Purpose & Capability
ok · Name/description (Aavegotchi Traits) match the included scripts and manifest: the code queries an Aavegotchi contract and an optional subgraph and maps wearable IDs to names. Required binaries/credentials are none; the files and env vars are appropriate for this purpose.
Instruction Scope
ok · SKILL.md instructs running the provided Node script(s) and optional wrapper; the runtime behavior described (RPC/subgraph calls, on-chain scanning fallback) matches the code. The instructions do not ask the agent to read unrelated files or exfiltrate data.
Install Mechanism
ok · There is no install spec; this is an instruction + script bundle. The README recommends npm install to satisfy normal Node dependencies (ethers, node-fetch). The package-lock lists only standard npm packages from the public registry; no downloads from arbitrary URLs or extract steps are present.
Credentials
ok · No required secrets or credentials. Optional env vars are RPC/subgraph URLs and retry/batch settings, which are proportionate to a blockchain query tool. The code only reads the declared env vars and no other secret-like variables.
Persistence & Privilege
ok · The skill is not always-enabled and does not request persistent privileges or modify other skills or system settings. It runs as an invoked script and makes network calls consistent with its function.