Api3 Feed Manager Readonly

Pass

Audited by VirusTotal on May 7, 2026.

Overview

Type: OpenClaw Skill
Name: api3-feed-manager-readonly
Version: 0.1.0

The skill bundle is a legitimate tool for discovering and planning Api3 data feed activations. It strictly adheres to its 'read-only' claim by providing discovery, verification, and calldata preparation logic without any capabilities for transaction signing or broadcasting. The code in scripts/api3-feed-manager-readonly.js uses standard libraries (ethers, @api3/contracts) and interacts only with official Api3 endpoints (market.api3.org and api3dao.github.io) to fetch pricing and Merkle tree data. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user or downstream agent could use the generated calldata or browser plan to spend funds or activate a feed, so incorrect inputs should be caught before execution.

Why it was flagged

The skill can produce actionable purchase or contract-call instructions. This is disclosed and framed as review material, not automatic execution, but it could affect funds if a separate executor follows it blindly.

Skill content

generate browser-assisted funding plans
generate exact contract-call payloads for later human or executor use

Recommendation

Treat all generated transaction details as drafts. Verify target addresses, values, calldata, chain IDs, and prices before using any separate wallet or executor.

What this means

Future installs could resolve to newer dependency versions than the ones originally tested.

Why it was flagged

The CLI relies on external npm packages with caret version ranges. These dependencies are expected for API3/Ethers integration, but the artifact does not pin exact install-time versions.

Skill content

"dependencies": {
  "@api3/contracts": "^37.0.0",
  "@api3/dapi-management": "^4.13.0",
  "ethers": "^6.15.0"
}

Recommendation

Install from a trusted source, review or generate a lockfile, and use dependency auditing for higher assurance.