Eth Labels

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the skill as documented means trusting code and dependencies from the referenced repository and NPM environment.

Why it was flagged

The setup is user-directed and purpose-aligned, but it requires installing and building external GitHub/NPM code that is not included in the reviewed artifact set.

Skill content

git clone https://github.com/dawsbot/eth-labels.git
cd eth-labels/mcp
npm install
npm run build

Recommendation

Install only if you trust the repository; consider reviewing the package files, pinning a specific commit, and avoiding direct source execution unless you are comfortable with the code.

What this means

Wallet addresses, labels searched, and balance checks may reveal what blockchain accounts the user is interested in to the MCP/API/RPC providers.

Why it was flagged

The skill discloses that lookups use an MCP server and may use public API or RPC endpoints, so queried addresses or search terms can be shared with those services.

Skill content

all via the eth-labels MCP server ... get_balance ... rpcUrl (string, optional): Custom RPC endpoint ... Public API alternative

Recommendation

Avoid querying sensitive personal wallet addresses through providers you do not trust, and use a trusted RPC endpoint when supplying a custom RPC URL.