Skill v1.0.0

ClawScan security

1inch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 31, 2026, 10:48 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and dependencies are consistent with a 1inch API client for quoting and building swaps; there are no hidden endpoints, installers, or unrelated credential requests, though you should avoid passing private keys to it and confirm the API hostname is correct for your use.
Guidance
This skill appears to be a straightforward 1inch API client. Before installing:
1) Verify the API base URL (the SKILL.md uses 'api.1inch.dev' — confirm that's the official endpoint you want to use).
2) Do not pass private keys into the skill or agent unless you understand where they will be logged or stored; the execute_swap method accepts a private_key parameter and prints transaction data, which could leak secrets in logs.
3) Provide an API key only when needed and prefer scoped/limited keys.
4) Review and test the code in a sandboxed environment (no special install required beyond 'requests') to confirm behavior and to ensure you are comfortable with network calls to the 1inch API.

Review Dimensions

Purpose & Capability
ok
Name/description match the included Python client and swap helper code. The two modules implement quote, swap, token, spender and approval endpoints consistent with a 1inch DEX aggregator client. No unrelated binaries, services, or credentials are requested.
Instruction Scope
note
SKILL.md and the example code stay within the stated purpose (calling 1inch endpoints to get quotes and build swap/approval txs). The code includes an execute_swap(private_key=...) parameter that prints transaction data when a private key is provided; the SKILL.md examples do not advise about private-key handling or logging, so users could accidentally expose secrets in logs if they supply keys. Also the SKILL.md uses the base URL 'https://api.1inch.dev/swap/v5.2' — verify this is the intended official endpoint for your environment.
Install Mechanism
ok
Instruction-only skill with included source files; no install spec or external downloads. The only dependency is the common 'requests' Python package as declared. Nothing is being fetched from arbitrary URLs or extracted to disk.
Credentials
note
The skill metadata declares no required environment variables, and the code requires an API key parameter passed to the client (not implicitly via environment). This is proportionate for an API client, but there's a minor metadata mismatch: the skill effectively requires a 1inch API key at runtime even though no env vars are declared. No other credentials or unrelated secrets are requested.
Persistence & Privilege
ok
always: false and normal invocation settings. The skill does not request persistent system privileges, modify other skills, or store/enable itself autonomously.