Structs Guild
ReviewAudited by ClawScan on May 14, 2026.
Overview
The skill appears to be a transparent command guide for Structs guild management, but it can initiate wallet-signed on-chain actions affecting tokens, membership, permissions, and permanent public records.
Install only if you intend to manage Structs guilds from this environment. Before signing any transaction, confirm the active wallet, chain, guild/player IDs, target address, token amounts, and whether the action is reversible.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A wrong command or parameter could change guild membership, permissions, ownership, or token balances on-chain.
The skill is explicitly designed to run `structsd tx` operations that can mutate on-chain guild and token state. This is purpose-aligned, but mistakes in IDs, amounts, or targets could have lasting effects.
Guild operations affect token balances, member identities, and on-chain audit records.
Only run transaction commands after explicit user confirmation; verify wallet, IDs, amounts, and target addresses before signing.
If the wrong wallet or signer context is active, actions may be performed under the wrong guild or authority.
The transaction uses the active signer’s wallet/guild context. That is expected for blockchain operations, but it makes the selected account and permissions security-critical.
`guild-bank-mint TX_FLAGS -- [alpha-amount] [token-amount]` (no guild-id — signer's guild is used implicitly
Check the active `structsd` account, chain, and transaction flags before signing any operation.
Users may have less assurance that the displayed package metadata and embedded metadata refer to the same release.
The registry metadata reports version 1.3.1 while the packaged `_meta.json` reports 1.0.1. This does not show malicious behavior, but it is a provenance/packaging inconsistency for a high-impact blockchain command skill.
"version": "1.0.1"
Verify the publisher and intended version before relying on the skill for wallet-signed transactions.