Skill v1.0.0

ClawScan security

ETHSkills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 28, 2026, 6:25 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill coherently fetches Ethereum docs from ethskills.com, but its runtime instructions expect the agent to execute remote tooling (e.g., `npx create-eth@latest`) and to follow external, fetched guidance — a behaviour that isn't fully declared and could lead to running unreviewed code or commands.
Guidance
This skill is mostly what it claims — it points your agent at ethskills.com to fetch up-to-date Ethereum development docs. Before installing, consider: (1) SKILL.md instructs the agent to run commands like 'npx create-eth@latest' but only declares 'curl' as a required binary — ensure your environment has npm/npx and review any packages before running them; (2) the skill delegates runtime behavior to an external host (ethskills.com). Treat fetched SKILL.md content as untrusted until reviewed — remote docs could include commands or steps that execute code. If you plan to let an agent run commands autonomously, sandbox those runs or require manual approval and inspect the fetched documents and any invoked packages (npm packages, scripts) first.

Review Dimensions

Purpose & Capability
note: The name/description match the behavior: it tells the agent to fetch live Ethereum development docs. However, the SKILL.md includes explicit runtime commands (e.g., 'Run: npx create-eth@latest') that imply using npm/npx and executing code from the network; those tools are not listed in the declared required binaries (only 'curl' is declared).
Instruction Scope
concern: Instructions tell the agent to fetch arbitrary SKILL.md pages from an external host and to run commands (example workflow includes 'npx create-eth@latest'). Fetching remote guidance is expected, but the agent may be expected to execute remote-installing tooling and follow fetched procedures verbatim — this grants the external host influence over the agent's actions and could result in running unreviewed code or commands.
Install Mechanism
note: There is no install spec (instruction-only), which minimizes local writes. However, the skill relies on an external HTTPS host (ethskills.com) for runtime content. Relying on remote docs is reasonable for a documentation skill but increases runtime trust in that domain's content.
Credentials
ok: The skill requests no environment variables, no credentials, and only declares 'curl' as a required binary. That is proportionate to a read-only documentation fetcher. The unlisted expectation to run npm/npx is the only mismatch.
Persistence & Privilege
ok: The skill does not request always-on presence and has no install that writes persistent configuration. Autonomous invocation is allowed (platform default) and is reasonable for an on-demand documentation skill.