Cardano Balances
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill is read-only in intent, but it asks for a full Cardano seed phrase and relies on an external Node MCP package, so users should review it carefully before use.
Do not provide a real wallet seed phrase unless you fully trust and have verified the MCP package and runtime. For balance checks, prefer a watch-only address, read-only wallet export, or test wallet, and run the MCP server in an isolated environment.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the seed phrase is exposed or misused by the MCP server or package, the wallet funds could be at risk, not just the balance information.
A seed phrase is a full wallet recovery credential, not merely a read-only balance credential. Requiring it for balance/address/UTxO lookup is materially overbroad unless very tightly bounded and audited.
description: "Query wallet balances, addresses, and UTxOs on the Cardano blockchain." ... requires:\n env: [SEED_PHRASE]
Avoid entering a main-wallet seed phrase. Prefer a watch-only address, xpub/read-only mechanism, or a test wallet, and only use this with a trusted, audited, isolated MCP server.
You must trust the external package with a wallet recovery phrase, and package updates or an untrusted package source could change what code runs.
The executable behavior is supplied by an external Node package, while the provided artifacts include no code files to review and no pinned package version. This is more concerning because the package is expected to handle SEED_PHRASE.
[0] node | package: @indigoprotocol/cardano-mcp
Pin and verify the package version, review its source before use, and run it in an isolated environment with a low-value or read-only wallet setup.
Your wallet addresses and holdings may become visible to the agent, local MCP server, and any associated logs or transcripts.
Wallet data is obtained through an MCP server boundary and returned to the agent. This is purpose-aligned, but it means balances, addresses, and UTxOs may pass through MCP/tool and chat contexts.
- `@indigoprotocol/cardano-mcp` server running ... `get_addresses` — Retrieve all Cardano addresses for the connected wallet
Use only a trusted local MCP server and avoid querying wallets where address or balance privacy is important unless you understand where the data is logged or retained.