Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ZeroEx Swap

v1.0.1

Execute token swaps using the 0x API with support for price quotes, gasless meta-transactions, and on-chain trade history retrieval.

Security Scan
VirusTotal
Suspicious
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (0x swaps, quotes, gasless meta-tx) match the code and SKILL.md. Requested env vars (ZEROEX_API_KEY, PRIVATE_KEY) and dependencies (axios, ethers, viem) are proportionate to making API calls and signing/sending transactions.
Instruction Scope
SKILL.md and the scripts instruct the agent to call 0x endpoints, sign EIP‑712 payloads, and use an RPC provider — all expected. The skill requires the user's private key to sign transactions (sensitive but necessary). The SKILL.md and code do expose and log wallet address and will send data to 0x and to configured/default RPC endpoints (which can observe requests and transactions).
Install Mechanism
There is no opaque install downloader; it's an instruction-only skill with normal npm dependencies declared in package.json. Dependencies (axios, ethers, viem) are appropriate and expected.
Credentials
Requested environment variables are limited and appropriate: ZEROEX_API_KEY (API access) and PRIVATE_KEY (to sign/send swaps). One minor mismatch: swap.js also accepts ZEROEX_PRIVATE_KEY as an alternative but SKILL.md doesn't mention it. No unrelated secrets are requested.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or system-wide configs, and has no persistent installation actions declared. Autonomous invocation is allowed but is the platform default.
Assessment
This skill appears to do what it says, but it's handling real funds so proceed carefully:
1) Use a dedicated hot wallet with minimal funds and never use your main seed phrase.
2) Be aware the PRIVATE_KEY must be provided in environment variables; keep it secret and ephemeral, and avoid long-lived env variables on shared systems.
3) The code uses default third-party RPC endpoints (e.g., llamarpc.com and mainnet.base.org); these providers will see your transactions and addresses. If privacy/trust is a concern, set RPC_URL to your own node or a trusted RPC.
4) Review the code before running; there are small implementation inconsistencies (e.g., swap.js accepts ZEROEX_PRIVATE_KEY but SKILL.md doesn't mention it, and quote.js references path/fileURLToPath without importing them) which are likely bugs rather than malicious.
5) Consider running in a sandboxed environment and test with tiny amounts first.

Like a lobster shell, security has layers — review code before you run it.

Tags: base, defi, ethereum, latest, swap

License

MIT-0
Free to use, modify, and redistribute. No attribution required.