Agentic Lending Morpho
AdvisoryAudited by Static analysis on May 8, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used in execution mode, the agent may submit irreversible on-chain transactions and spend funds for feed funding or deployment gas.
The skill can perform real blockchain funding and deployment actions, which are high-impact, but the instructions disclose this and gate it on explicit user approval.
When the supported path is available and the user explicitly asks for it, this variant can send real transactions
Start with planning or dry-run mode, confirm chain/assets/market parameters, and approve exact transaction details before exposing signer credentials.
A wallet signer could spend funds or deploy contracts if the workflow is run in live mode.
The skill requires a signer environment variable, which can authorize wallet transactions. This is expected for the stated deployment workflow but is sensitive authority.
env:
- LIVE_SIGNER_ENV
primaryEnv: LIVE_SIGNER_ENVUse a dedicated limited-balance signer, avoid broad production wallets, and remove or rotate signer material after use.
Deploying bundled artifacts means trusting the package’s included bytecode and runtime data.
The package includes bundled contract artifacts used for deployment. This is purpose-aligned, but users should verify package provenance and bytecode before deploying.
bundled planning data under `data/part2/` ... contract artifacts required by the shared planner plus Morpho adapter deployment
Install from the expected publisher/source, compare bytecode against audited or official contract artifacts where possible, and review generated deployment output.