Sui Move

Pass

Audited by ClawScan on May 1, 2026.

Overview

This appears to be a coherent Sui/Move development helper, but it relies on downloaded reference material and documents on-chain commands that should be run deliberately.

This skill looks reasonable for Sui/Move development. Before installing or using it, be aware that setup may clone changing GitHub documentation, metadata does not fully declare the required tools, and any Sui publish/call commands should be treated as manual actions that can spend gas or affect on-chain state.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The installer may not clearly warn users that local tools such as the Sui CLI and ripgrep may be needed.

Why it was flagged

The registry does not surface install requirements, while SKILL.md declares `bins: [sui, rg]` and a brew install for `sui`. This is under-declared setup metadata, though it is aligned with the Sui development purpose.

Skill content

Required binaries (all must exist): none ... No install spec — this is an instruction-only skill.

Recommendation

Check prerequisites manually before relying on the skill, and prefer metadata that accurately declares required tools.

What this means

Answers may depend on the current state of remote repositories, which could change or become inconsistent with prior behavior.

Why it was flagged

The setup script clones and later pulls unpinned remote documentation from GitHub. This is expected for a documentation skill, but the referenced content can change over time.

Skill content

git clone --depth 1 https://github.com/MystenLabs/move-book.git ... cd move-book && git pull && cd ..

Recommendation

Run setup intentionally, use trusted networks, and pin repository commits if reproducibility or high-assurance development is important.

What this means

If run against a real wallet or mainnet environment, these commands can have public and potentially irreversible effects.

Why it was flagged

The skill documents Sui CLI commands that can submit blockchain transactions, spend gas, or mutate on-chain state. They appear as reference examples rather than hidden automatic execution.

Skill content

sui client publish --gas-budget 100000000 ... sui client call --package <PACKAGE_ID> --module <MODULE> --function <FUNCTION> --args <ARGS>

Recommendation

Confirm network, wallet, gas budget, and exact transaction intent before running publish or call commands; prefer testnet/devnet for experiments.

What this means

Generated guidance or code may reflect outdated or changed documentation/examples.

Why it was flagged

The skill instructs the agent to rely on locally cloned reference material as context. This is purpose-aligned, but those references are external content and may be stale or over-trusted.

Skill content

Search references first ... Read relevant files ... Provide code examples from the references

Recommendation

Treat retrieved examples as references, verify important code against current official Sui documentation, and review smart contracts before deployment.