Gator CLI
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is a coherent MetaMask Gator CLI helper, but it exposes high-impact wallet and delegation actions such as transfers, ownership changes, and raw contract calls without clear approval guardrails in the provided artifacts.
Install only if you intentionally want an agent to help operate MetaMask Gator CLI. Treat every create, grant, redeem, revoke, functionCall, ownershipTransfer, and raw command as a financial/account transaction: review exact chain, profile, addresses, amounts, scopes, and calldata before allowing execution. Prefer testnets or low-value profiles, protect ~/.gator-cli, and install the CLI from a trusted, pinned source when possible.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or prompt-influenced invocation could move funds, grant excessive authority, or execute an unintended on-chain contract call.
These documented commands can transfer assets, transfer contract ownership, execute function calls, or submit arbitrary calldata. The provided artifact does not show explicit confirmation or simulation requirements before such high-impact actions.
Supported action types: `erc20Transfer`, `erc721Transfer`, `nativeTransfer`, `functionCall`, `ownershipTransfer`, `raw` ... `raw`: `--target`, `--callData`, `--value`
Require explicit user approval for every create, grant, redeem, revoke, raw, functionCall, or ownershipTransfer command. Show chain, profile, from/to addresses, token, amount, calldata, and expected effect before execution.
Anyone or any agent process able to use the configured profile may be able to sign transactions or delegations for funded accounts.
The skill involves wallet private-key creation/storage and signing delegated account authority. That is sensitive account control, and the registry metadata lists no primary credential or required config path.
Generate a private key and save config. ... Config path: `~/.gator-cli/permissions.json` ... Create, sign, and store a delegation
Use a dedicated low-value/test profile, protect ~/.gator-cli, document the credential/config paths clearly, and require user approval before any signing or on-chain transaction.
The installed npm package, not this instruction-only skill, supplies the executable code that will run locally.
Installing the external CLI is expected for this skill, but the artifacts do not include the package code and the install command shown in SKILL.md is not version-pinned.
node | package: @metamask/gator-cli | creates binaries: gator
Install from the official package source, consider pinning a reviewed version, and keep the CLI updated from trusted MetaMask documentation.
Local delegation records may reveal account relationships and could influence later delegation operations if altered or stale.
The CLI may persist delegation data locally and reuse it for later inspect, redeem, or revoke workflows. This is purpose-aligned but sensitive because stale or modified local state could affect future actions.
Delegations local cache: `~/.gator-cli/delegations/<profile-name>.json` when storage not configured
Protect the ~/.gator-cli directory, review stored delegations before redeeming or revoking, and avoid sharing these files.
