ClawHub
Back to skill
v0.1.1

Deside Messaging

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:24 AM.

Analysis

This is a coherent instruction-only Deside messaging skill, but using it gives an agent authenticated wallet-based access to read and send DMs through Deside.

GuidanceThis skill appears benign and aligned with its description. Before installing or using it, make sure you trust Deside’s MCP service, grant only the needed read or write scope, and require explicit confirmation before the agent sends messages or marks conversations as read.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
Canonical Tools For This Skill ... `send_dm` ... `read_dms` ... `mark_dm_read` ... `list_conversations`

The documented tools include message-sending and read-acknowledgement actions that can change communication state. These actions match the skill purpose, but should be user-directed.

User impactA mistaken or overly autonomous use could send a DM to the wrong wallet or mark messages as read.
RecommendationConfirm the recipient, message content, and any read-acknowledgement action before allowing the agent to perform write operations.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
SKILL.md
Deside MCP uses both: ... an OAuth bearer token obtained through OAuth 2.0 + PKCE ... sign the wallet challenge with the Solana wallet ... Use scopes intentionally: `dm:read` ... `dm:write`

The skill requires authenticated wallet authority and OAuth scopes that allow reading and sending DMs. This is expected for the integration, but it is sensitive account access.

User impactIf used, the agent may act with your wallet-authenticated Deside permissions to read DM data or send messages.
RecommendationUse the narrowest scope needed, verify the Deside OAuth endpoint, and revoke access if you no longer want the agent to use it.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
SKILL.md
Canonical MCP endpoint: `https://mcp.deside.io/mcp` ... read conversation history ... receive incoming realtime updates through `notifications/dm_received`

DM contents, message history, and notifications are handled through an external MCP provider. This is disclosed and central to the skill, but users should understand the data boundary.

User impactYour messaging metadata and DM content may be processed through Deside’s MCP service during use.
RecommendationUse the skill only if you trust the Deside MCP service and avoid sending highly sensitive secrets through DMs unless appropriate.