Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Tempo Stable + Uniswap Swaps
v1.0.0
Tempo stablecoin and token swap operations for agents. Use when working with pathUSD/USDC.e balances, swapping between USDC.e and pathUSD, or executing any-t...
by @aviclaw
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes exactly the stated purpose (Tempo swaps, pathUSD/USDC.e, the Uniswap Trade API). However, the registry metadata lists no required env vars or binaries, while the SKILL.md explicitly requires PRIVATE_KEY, UNISWAP_API_KEY, and the tools cast, curl, and jq. The missing declarations are an inconsistency (most likely sloppy metadata) that increases risk, because sensitive requirements are not surfaced to the user before install.
Instruction Scope
The runtime instructions tell the agent to use PRIVATE_KEY to derive wallet addresses, build and send transactions, approve Permit2 with an effectively unlimited allowance, call the Uniswap trade API with an API key, and optionally run a remote Foundry installer. The instructions do not ask the agent to read unrelated files, but they do perform high-impact actions (signing and broadcasting transactions, setting broad token approvals) that require the user's private key and therefore carry high risk if misused.
Install Mechanism
There is no formal install spec (the skill is instruction-only), which is low risk in itself. However, the SKILL.md suggests installing Foundry via a remote curl | bash from foundry.paradigm.xyz. An external installer executed straight from a downloaded script is operationally higher-risk, even when the host is a known provider, and should be weighed when following the instructions.
Credentials
The env/credential needs in the instructions (PRIVATE_KEY and UNISWAP_API_KEY, with RPC_URL optional) are plausible for a swap tool, but the registry metadata's failure to declare them is a mismatch. PRIVATE_KEY is extremely sensitive, since it gives full control of the wallet; UNISWAP_API_KEY is reasonable and RPC_URL is optional. The skill also instructs granting very large Permit2 allowances, which is functional for swaps but increases exposure if the key is compromised.
Persistence & Privilege
The skill does not request always:true, does not supply an install step that writes persistent code, and does not claim to modify other skills or global agent settings. Autonomous invocation is allowed (the default), which increases the blast radius when combined with PRIVATE_KEY access, but that default alone is not flagged under policy.
What to consider before installing
This skill contains valid, actionable instructions for performing token swaps on Tempo, but it expects you to provide a PRIVATE_KEY (full control of the wallet) and a UNISWAP_API_KEY even though the published metadata did not declare those requirements — treat that as a red flag. Before using or installing:
- Do not supply your primary mainnet private key. Use an ephemeral or tightly funded wallet, or a hardware wallet with manual signing. If you must provide PRIVATE_KEY to an automated agent, accept the risk that the agent could broadcast arbitrary transactions from that wallet.
- Limit Permit2 approvals: avoid the unlimited/huge allowance pattern unless you understand and accept the exposure. Approve minimal amounts or use short expirations where supported.
- Verify endpoints and addresses: confirm RPC_URL, token addresses, Permit2 address, and Uniswap API host are correct and official for Tempo mainnet.
- Be cautious about running remote installers (the SKILL.md suggests curl | bash for Foundry). Prefer installing tools manually from verified sources or using package managers you trust.
- Consider asking the publisher to update the skill metadata to explicitly declare required env vars and binaries (PRIVATE_KEY, UNISWAP_API_KEY, cast/curl/jq) so risks are visible before install.
If you cannot accept these risks or cannot constrain the key/allowances, do not use this skill. If you proceed, test with a small amount or on a non-production wallet first.
Like a lobster shell, security has layers — review code before you run it.
