Skill v2.0.0

ClawScan security

AI Agent Lending - Wallet Credit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (scanned Mar 24, 2026, 2:28 AM)
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared purpose (a wallet-based lending interface) matches its instructions and required environment variable, but it relies on an external API endpoint you must trust and will instruct on-chain approvals that can move funds.
Guidance
This skill appears internally consistent for a lending integration, but it depends on an external API URL (LENDING_API_URL) you must trust. Before using: verify the smart-contract addresses on the Somnia explorer; confirm the operator (yoursite.com) is legitimate; test using a throwaway/testnet wallet first; never set or share private keys or secrets as env vars for this skill; when approving USDC, avoid granting unlimited allowances — approve only the specific lending pool and amount you intend to use; and review the lending protocol's audited code/contract sources if available. If you don't trust the API domain, do not set LENDING_API_URL to it, or run equivalent calls against a verified endpoint you control.

Review Dimensions

Purpose & Capability
ok: The name/description, listed smart-contract addresses, and instructions all describe a lending protocol that queries a lending API and performs on-chain transactions. Requiring LENDING_API_URL (the protocol API base URL) is consistent with the stated purpose.
Instruction Scope
note: SKILL.md stays within the lending workflow: setting an API URL, reading wallet stats from {LENDING_API_URL}, registering a bot on-chain, granting a BORROW permission, borrowing and repaying via the LendingPool contract. It does not ask for local files or system secrets, but it does instruct the agent (or developer) to submit transactions and to send wallet addresses to the external API endpoint, which will reveal wallet activity to that endpoint.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill bundle itself. This minimizes install-time risk.
Credentials
note: Only one env var is required: LENDING_API_URL (the API base URL). This is proportionate to the skill's function, but note that the primaryEnv is an endpoint (not a secret token). Because the skill will call that endpoint with wallet addresses and other parameters, you must trust the operator of that URL. The skill does not request private keys or tokens, which is appropriate.
Persistence & Privilege
ok: The skill does not request always: true and has no install hooks. It does not request system-level persistence or modify other skills' configs.