On-Chain Skill Audit

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for Solana-based skill provenance checks, but users should verify the external package and explicitly approve any wallet-signed on-chain writes.

This skill appears purpose-aligned, especially for read-only provenance checks. Before installing or using write features, verify the referenced npm package and do not sign register, audit, vouch, or report-inscription transactions unless you intend to publish that information on-chain and pay any associated fees.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken register, audit, or vouch action could spend SOL and publish a persistent on-chain record.

Why it was flagged

The skill exposes wallet-signed Solana write operations that create persistent public records and can cost SOL. This matches the stated purpose, but transaction approval and impact should be clear to the user.

Skill content

registerSkill({ connection, signer, ... }) Writes to `skill_registry` table...
auditSkill({ connection, signer, ... }) Writes to `skill_audits` table...
vouchForSkill({ connection, signer, ... }) Writes to `skill_vouches` table...
Reads are free. Only writes cost SOL. Append-only.

Recommendation

Use read-only checks freely, but require explicit user confirmation before any register, audit, vouch, or codeIn inscription transaction.

What this means

The skill may ask to use a Solana wallet for actions that affect the account and spend network fees.

Why it was flagged

The skill requires wallet signing authority and token holdings for write actions. This is expected for an on-chain registry, but it is sensitive account authority.

Skill content

- Solana wallet for writes
- IQ tokens for audit writes

Recommendation

Use a dedicated or low-risk wallet where possible, review every transaction prompt, and avoid granting broad wallet authority beyond the specific intended write.

What this means

Installing or running the referenced package could introduce behavior not visible in this instruction-only review.

Why it was flagged

The core implementation is delegated to an external npm package that is not included in the reviewed artifacts. This is not inherently unsafe, but the package provenance and exact code were not assessed here.

Skill content

Package: [`@rocketlabs/skill-audit`](https://www.npmjs.com/package/@rocketlabs/skill-audit)

`const { checkSkill, registerSkill, auditSkill, vouchForSkill, hashSkill } = require('@rocketlabs/skill-audit');`

Recommendation

Verify the npm package source, version, publisher, and dependency tree before using it with a wallet signer.

What this means

Audit details or reports may become persistent public context that other users or agents could rely on later.

Why it was flagged

The skill can persist audit/report context through on-chain inscriptions. That is purpose-aligned, but users should avoid inscribing sensitive details unintentionally.

Skill content

Optionally run ZeroLeaks first and inscribe full report via codeIn... Row limit: ~100 bytes. Full data via codeIn inscriptions... Append-only.

Recommendation

Only inscribe reports that are intended to be public and permanent; redact secrets, private paths, and unnecessary local details before publishing.