Eth Labels
PassAudited by ClawScan on May 1, 2026.
Overview
This is a read-only crypto address lookup skill, but users should notice that it relies on installing and running an external GitHub/NPM-based MCP server and may send address queries to external services.
This skill appears coherent and read-only. Before installing, make sure you trust the referenced GitHub repository and understand that blockchain addresses or search terms you look up may be sent to the MCP server, public API, or RPC endpoint you use.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill as documented means trusting code and dependencies from the referenced repository and NPM environment.
The setup is user-directed and purpose-aligned, but it requires installing and building external GitHub/NPM code that is not included in the reviewed artifact set.
git clone https://github.com/dawsbot/eth-labels.git cd eth-labels/mcp npm install npm run build
Install only if you trust the repository; consider reviewing the package files, pinning a specific commit, and avoiding direct source execution unless you are comfortable with the code.
Wallet addresses, labels searched, and balance checks may reveal what blockchain accounts the user is interested in to the MCP/API/RPC providers.
The skill discloses that lookups use an MCP server and may use public API or RPC endpoints, so queried addresses or search terms can be shared with those services.
all via the eth-labels MCP server ... get_balance ... rpcUrl (string, optional): Custom RPC endpoint ... Public API alternative
Avoid querying sensitive personal wallet addresses through providers you do not trust, and use a trusted RPC endpoint when supplying a custom RPC URL.