DEX Swap & Broadcast
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for OKX token swaps, but it asks for wallet and API secrets (including a private key or signer) and can broadcast irreversible on-chain transactions, and the visible artifacts do not establish a mandatory user-approval gate between swap construction and broadcast.
Use this only if you are comfortable with an agent-assisted workflow that can prepare and broadcast real token swaps. Avoid giving the agent raw private keys; use an external wallet or hardware signer, review every transaction and approval before signing, verify token/receiver/referral addresses, and test with a low-value wallet first.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user provides a private key, signer, or API secrets to the agent, misuse or mistakes could lead to irreversible token swaps or loss of funds.
The skill declares that it needs OKX API credentials and wallet signing authority, including a private key or signer. That is high-impact access because it can authorize financial transactions.
required_context: [api_key, secret_key, passphrase, user_wallet_address, private_key_or_signer]
Do not paste raw private keys into the agent. Prefer a hardware wallet, wallet-confirmation flow, or tightly scoped external signer, and ensure OKX credentials are least-privilege and intentionally supplied.
A mistaken or unintended invocation could submit a real blockchain transaction, spend gas, approve tokens, or swap assets at unfavorable terms.
The skill is designed to proceed from swap construction to broadcasting a signed transaction. Broadcasting on-chain transactions is irreversible and high-impact, and the visible artifact does not establish a mandatory user approval checkpoint before broadcast.
This skill covers the FULL lifecycle: /swap endpoint (get tx data) + /broadcast-transaction endpoint (submit signed tx).
Require explicit user review and confirmation of token addresses, amounts, slippage, receiver, approvals, fees, and final signed transaction before any broadcast call.
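The approval gate recommended above, and the external-signer pattern recommended in the credential finding, as an added example that is not code from the skill, from ClawScan, or from OKX. It assumes a constructed /swap-style response (the field names are assumptions for this example, not the OKX schema) and replaces the real /broadcast-transaction call and the real signer with callbacks, so the private key never enters the agent process. Approval is bound to a digest of the exact swap parameters the user saw, so a transaction altered after review cannot be broadcast under the earlier approval.

```python
"""Policy check + user-approval gate in front of a DEX broadcast call.

Added illustration, not the skill's own code. The /swap response below is
constructed and its field names are assumptions; sign() and broadcast() are
caller-supplied stand-ins for an external signer and the broadcast endpoint.
"""
from __future__ import annotations

import hashlib
import json
from dataclasses import dataclass
from typing import Callable

# Constructed sample of a prepared swap (field names assumed for this example).
SAMPLE_SWAP = {
    "fromToken": "0x1111111111111111111111111111111111111111",
    "toToken": "0x2222222222222222222222222222222222222222",
    "fromAmount": "1000000000000000000",   # 1.0 token at 18 decimals
    "minToAmount": "990000",
    "slippageBps": 100,
    "receiver": "0xAbCdEf0000000000000000000000000000000001",
    "referrer": "",
    "txData": "0xdeadbeef",
}

SUMMARY_FIELDS = ("fromToken", "toToken", "fromAmount", "minToAmount",
                  "slippageBps", "receiver", "referrer", "txData")


class PolicyViolation(Exception):
    """Swap parameters fall outside what the user pre-authorised."""


class ApprovalRequired(Exception):
    """User did not confirm the exact transaction shown to them."""


@dataclass(frozen=True)
class Policy:
    allowed_receivers: frozenset[str]          # the user's own wallet(s)
    max_slippage_bps: int
    allowed_referrers: frozenset[str] = frozenset({""})  # default: none


def _norm(addr: str) -> str:
    return addr.strip().lower()


def check_policy(swap: dict, policy: Policy) -> list[str]:
    """Return a list of policy problems; empty means the swap is in bounds."""
    problems = []
    if _norm(swap["receiver"]) not in {_norm(a) for a in policy.allowed_receivers}:
        problems.append(f"receiver {swap['receiver']} is not an allow-listed wallet")
    if int(swap["slippageBps"]) > policy.max_slippage_bps:
        problems.append(f"slippage {swap['slippageBps']} bps exceeds "
                        f"{policy.max_slippage_bps} bps")
    if _norm(swap.get("referrer", "")) not in {_norm(a) for a in policy.allowed_referrers}:
        problems.append(f"referrer {swap['referrer']!r} is not allow-listed")
    return problems


def swap_summary(swap: dict) -> str:
    """Canonical JSON of the fields the user must review (stable key order)."""
    return json.dumps({k: swap[k] for k in SUMMARY_FIELDS},
                      sort_keys=True, separators=(",", ":"))


def approval_code(summary: str) -> str:
    """Short code derived from the summary; the user types it back to approve."""
    return hashlib.sha256(summary.encode()).hexdigest()[:8]


def gated_swap(swap: dict,
               policy: Policy,
               confirm: Callable[[str, str], str],
               sign: Callable[[str], str],
               broadcast: Callable[[str], str]) -> str:
    """Broadcast only after policy passes and the user echoes the approval code.

    sign() is an external signer (hardware wallet, wallet app); this function
    never touches a private key. broadcast() stands in for /broadcast-transaction.
    """
    problems = check_policy(swap, policy)
    if problems:
        raise PolicyViolation("; ".join(problems))
    summary = swap_summary(swap)
    code = approval_code(summary)
    typed = confirm(summary, code)
    if typed.strip().lower() != code:
        raise ApprovalRequired("approval code mismatch; nothing was broadcast")
    # Sign exactly the calldata that was summarised and approved.
    signed = sign(json.loads(summary)["txData"])
    return broadcast(signed)


if __name__ == "__main__":
    def ask(summary: str, code: str) -> str:
        print("Review this swap:\n" + summary)
        return input(f"Type {code} to broadcast: ")

    policy = Policy(allowed_receivers=frozenset({SAMPLE_SWAP["receiver"]}),
                    max_slippage_bps=100)
    print(gated_swap(SAMPLE_SWAP, policy, ask,
                     sign=lambda tx: "signed:" + tx,      # stand-in signer
                     broadcast=lambda s: "txhash-demo"))  # stand-in broadcast
```

In a real deployment the `sign` callback would hand the calldata to a hardware wallet or wallet-confirmation flow, and the `broadcast` callback would call the endpoint; the point of the structure is that neither the policy check nor the typed approval can be skipped by the agent, and that the signed payload is derived from the summary the user saw rather than from a dictionary the agent could have modified in between.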
Users may need to install packages manually, and dependency versions/provenance are not pinned in the provided artifacts.
The included script imports requests at runtime, while the registry says there is no install spec. This is not malicious by itself, but users should notice that dependency installation is not captured by the registry metadata.
raise ImportError("Please install requests: pip install requests")
Install dependencies intentionally from trusted sources, and prefer a reviewed, pinned requirements file (for example one generated with pip-compile --generate-hashes and installed with pip install --require-hashes -r requirements.txt) before using the script with real funds.
