Aidex
Pass. Audited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill
Name: aidex
Version: 1.0.7

The AIDEX skill is a well-architected DEX aggregator client that prioritizes security through a client-side signing model, ensuring the user's private key never leaves the local environment. The most critical file, `scripts/swap.js`, implements robust defensive measures, including hardcoded whitelists for transaction destinations (the AIDEX router at 0x1208d02aac7d247eb79b71ce23c792441457e7b3) and token spenders, as well as semantic validation of transaction payloads so that a compromised API cannot trick the user into signing malicious transactions. The `SKILL.md` instructions contain strong safety guardrails for the AI agent, explicitly forbidding direct handling of private keys and requiring user confirmation for all financial operations.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent invocation could approve token spending or execute a swap with real wallet funds.
The skill documents automatic signing and submission of transaction chains, including token approvals. That is purpose-aligned for a swap tool, but it is a high-impact action: SKILL.md instructs the agent to obtain user confirmation, while the artifacts do not show that confirmation, or any spending limit, enforced in code before irreversible on-chain execution.
Executes a full swap cycle. The API builds a chain of transactions (approve + swap if needed), the script signs them locally and sends them. Approve is handled automatically.
Use explicit per-swap confirmation, show the quote/recipient/allowance before signing, and enforce token and amount limits. Until then, use only a dedicated low-balance trading wallet.
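The destination and spender whitelist with payload validation described in the Overview, combined with the allowance and amount limits recommended above, as an added example in plain Node.js. This is not the aidex project's code: it assumes the AIDEX router address quoted in the Overview is both the only allowed swap destination and the only allowed ERC-20 spender, uses placeholder token and attacker addresses, decodes approve(address,uint256) calldata by hand rather than through ethers so it runs with no dependencies, and the caps in POLICY are arbitrary example values.

```javascript
// Added example (not aidex project code): validate an API-supplied transaction
// chain against a local policy before any transaction in it is signed.
// Assumptions: the AIDEX router from the review is the only allowed destination
// and the only allowed ERC-20 spender; TOKEN and ATTACKER are placeholders;
// amounts are in wei / token base units; the caps are example values.

const ROUTER = '0x1208d02aac7d247eb79b71ce23c792441457e7b3';
const APPROVE_SELECTOR = '0x095ea7b3'; // keccak("approve(address,uint256)")[0:4]
const MAX_UINT256 = (1n << 256n) - 1n;

const POLICY = {
  chainId: 1,
  allowedDestinations: new Set([ROUTER]), // where swap calls may go
  allowedSpenders: new Set([ROUTER]),     // who may be granted an allowance
  maxAllowance: 1_000n * 10n ** 18n,      // never approve more than this
  maxValueWei: 5n * 10n ** 17n,           // native value cap per swap (0.5 ETH)
};

function normAddr(a) {
  if (typeof a !== 'string' || !/^0x[0-9a-fA-F]{40}$/.test(a)) return null;
  return a.toLowerCase();
}

// Decode approve(address spender, uint256 amount). Returns null unless the
// calldata is exactly one approve call: selector + two 32-byte words, with the
// address word's 12 padding bytes all zero.
function decodeApprove(data) {
  if (typeof data !== 'string' || data.length !== 138) return null;
  if (data.slice(0, 10).toLowerCase() !== APPROVE_SELECTOR) return null;
  const body = data.slice(10);
  if (!/^[0-9a-fA-F]{128}$/.test(body) || !/^0{24}/.test(body)) return null;
  return {
    spender: '0x' + body.slice(24, 64).toLowerCase(),
    amount: BigInt('0x' + body.slice(64, 128)),
  };
}

// Check one transaction. Returns the list of policy violations (empty = ok).
function checkTx(tx, policy) {
  const errs = [];
  const to = normAddr(tx.to);
  if (!to) return ['missing or malformed "to"'];
  if (tx.chainId !== policy.chainId) errs.push(`chainId ${tx.chainId} != ${policy.chainId}`);
  const value = BigInt(tx.value ?? 0);
  const data = tx.data ?? '0x';

  const approve = decodeApprove(data);
  if (approve) {
    // Token approval: "to" is the token contract, so the spender is what matters.
    if (value !== 0n) errs.push('approve must not carry native value');
    if (!policy.allowedSpenders.has(approve.spender)) errs.push(`spender ${approve.spender} not whitelisted`);
    if (approve.amount === MAX_UINT256) errs.push('unlimited allowance requested');
    else if (approve.amount > policy.maxAllowance) errs.push(`allowance ${approve.amount} exceeds cap`);
    return errs;
  }

  // Anything that is not a recognised approve must target a whitelisted contract.
  if (!policy.allowedDestinations.has(to)) errs.push(`destination ${to} not whitelisted`);
  if (value > policy.maxValueWei) errs.push(`native value ${value} exceeds cap`);
  if (data.length < 10) errs.push('swap call has no calldata');
  return errs;
}

// Validate the whole chain; nothing is signed unless every transaction passes.
function validateChain(txs, policy = POLICY) {
  const errors = [];
  txs.forEach((tx, i) => checkTx(tx, policy).forEach(e => errors.push(`tx[${i}]: ${e}`)));
  return { ok: errors.length === 0, errors };
}

// Helper used only to build the constructed sample chains below.
function encodeApprove(spender, amount) {
  return APPROVE_SELECTOR
    + spender.slice(2).toLowerCase().padStart(64, '0')
    + amount.toString(16).padStart(64, '0');
}

// Constructed samples (placeholder addresses, not real contracts).
const TOKEN = '0x' + 'a1'.repeat(20);
const ATTACKER = '0x' + 'bad'.repeat(13) + 'b';
const goodChain = [
  { chainId: 1, to: TOKEN, value: '0x0', data: encodeApprove(ROUTER, 100n * 10n ** 18n) },
  { chainId: 1, to: ROUTER, value: '0x0', data: '0x12345678' + '00'.repeat(96) },
];
const badChain = [
  { chainId: 1, to: TOKEN, value: '0x0', data: encodeApprove(ATTACKER, MAX_UINT256) },
  { chainId: 1, to: ATTACKER, value: '0x' + (10n ** 18n).toString(16), data: '0x' },
];
```

The branch order matters: a transaction is treated as an approval only when its calldata is exactly an approve call, so a call to an unknown contract that merely resembles one is rejected as a non-whitelisted destination rather than waved through as a token approval. An unlimited allowance is refused even when a cap is configured, and the whole chain is refused if any single transaction fails, so a poisoned API response cannot wedge an extra transfer between a valid approve and a valid swap. A real implementation would additionally check that the approve targets the token named in the quote and that the swap calldata's recipient is the user's own address, which the review says `scripts/swap.js` does semantically.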
If the configured wallet contains significant funds, any misuse, compromise, or unintended invocation could result in irreversible loss or unwanted trades.
The code reads a raw Ethereum private key from an environment variable or OS keyring and constructs an ethers Wallet. This gives the skill direct signing authority for the wallet, not just access to a narrowly scoped service token.
    const fromEnv = normalizePrivateKey(process.env.AIDEX_PRIVATE_KEY);
    ...
    const entry = new Entry("aidex", "AIDEX_PRIVATE_KEY");
    ...
    return new Wallet(privateKey);

Do not use a main wallet. Create a dedicated trading wallet with limited funds, monitor approvals, revoke unused allowances, and remove the stored key when not actively using the skill.
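The quoted lines show `normalizePrivateKey` being applied to the environment variable and a keyring entry consulted, but not what the normalization checks. As an added example, not the project's own code, a fail-closed version with the env-then-keyring lookup order implied by the quoted lines: it rejects anything that is not a 64-hex-character value inside the secp256k1 key range, and it refuses to fall through to the keyring when the environment variable is present but malformed. The `keyringLookup(service, name)` callback is an assumption standing in for the real `@napi-rs/keyring` `Entry`, so the example runs without the native module; the sample key is constructed and not a real key.

```javascript
// Added example (not aidex project code): strict private-key normalisation and
// a fail-closed loader using the env-var-then-keyring order quoted in the review.
// secp256k1 group order: a usable key is an integer in [1, N-1].
const SECP256K1_N = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
const KEY_SERVICE = 'aidex';
const KEY_NAME = 'AIDEX_PRIVATE_KEY';

// Accept "0x"-prefixed or bare 64-hex-char keys in either case and return the
// canonical "0x" + lowercase form. Everything else, including the all-zero key
// and values >= N, yields null (assumption: callers treat null as "no usable key").
function normalizePrivateKey(raw) {
  if (typeof raw !== 'string') return null;
  const hex = raw.trim().replace(/^0[xX]/, '');
  if (!/^[0-9a-fA-F]{64}$/.test(hex)) return null;
  const k = BigInt('0x' + hex);
  if (k === 0n || k >= SECP256K1_N) return null;
  return '0x' + hex.toLowerCase();
}

// Resolve the key: environment variable first, then the OS keyring entry for
// service "aidex" / account "AIDEX_PRIVATE_KEY". keyringLookup(service, name) is
// an assumed stand-in for the real @napi-rs/keyring Entry. A value that is
// present but malformed is an error, not a fall-through: a typo in the env var
// must not silently switch the skill to whatever key the keyring holds.
function loadPrivateKey(env, keyringLookup) {
  const fromEnv = env[KEY_NAME];
  if (fromEnv !== undefined && fromEnv !== '') {
    const key = normalizePrivateKey(fromEnv);
    if (!key) throw new Error(`${KEY_NAME} is set but is not a valid secp256k1 private key`);
    return { key, source: 'env' };
  }
  const fromKeyring = keyringLookup ? keyringLookup(KEY_SERVICE, KEY_NAME) : null;
  if (fromKeyring === null || fromKeyring === undefined) {
    throw new Error(`no private key in ${KEY_NAME} or the OS keyring`);
  }
  const key = normalizePrivateKey(fromKeyring);
  if (!key) throw new Error('keyring entry is not a valid secp256k1 private key');
  return { key, source: 'keyring' };
}

// Constructed sample: a stand-in keyring holding the key in upper-case hex.
const SAMPLE_KEY = '0x' + 'ab'.repeat(32); // placeholder, not a real key
const fakeKeyring = (service, name) =>
  service === KEY_SERVICE && name === KEY_NAME ? '0x' + 'AB'.repeat(32) : null;

// The canonical key is what would then be handed to new Wallet(key) from ethers.
const resolved = loadPrivateKey({}, fakeKeyring); // { key: SAMPLE_KEY, source: 'keyring' }
```

Treating a malformed but present environment variable as fatal is the important design choice: with a plain "try env, else keyring" fallback, a stale or truncated `AIDEX_PRIVATE_KEY` would quietly make the skill sign with a different wallet than the operator expects.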
Installing the skill dependencies adds local package code that participates in signing and credential access.
The skill depends on third-party npm packages, including an optional native keyring library. These dependencies are expected for local Ethereum signing and credential storage and are pinned, but installing them still downloads and runs third-party code.
    "dependencies": { "ethers": "6.16.0" },
    "optionalDependencies": { "@napi-rs/keyring": "1.2.0" }

Run npm install only from the skill directory, keep the skill updated through trusted channels, and review dependency provenance if your environment has strict security requirements.
