Ceo Protocol Skill

Warn. Audited by ClawScan on May 10, 2026.

Overview

This DeFi skill is internally coherent, but it can use a wallet private key to submit on-chain transactions, and its registry metadata declares neither that credential nor the setup the scripts need.

Only install this if you understand the DeFi protocol and are comfortable giving an agent a dedicated wallet key. Use a fresh low-balance wallet that holds nothing but gas, review every proposed action and proposal URI, run dry-runs first, and do not let the agent sign transactions without a human approving each one.

Findings (3)

This is an artifact-based, informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so anything the scripts do only at runtime is outside this review.

What this means

If AGENT_PRIVATE_KEY is present, the agent can sign blockchain transactions from that wallet, spending gas and exercising whatever authority that wallet has.

Why it was flagged

The script reads a raw wallet private key from the environment and turns it into a signing account. The registry metadata declares no required environment variables and no primary credential, so this high-impact authority is under-declared.

Skill content
const account = privateKeyToAccount(requiredEnv("AGENT_PRIVATE_KEY"));
Recommendation

Use only a dedicated low-balance agent wallet, never a main wallet, and require explicit user approval before any signed transaction. Treat the key as a secret: set it in the environment of the agent process only, not in a shared shell profile or a committed file.

What this means

An agent using this skill could submit on-chain governance proposals without a built-in approval prompt, which spends gas and can affect protocol governance.

Why it was flagged

The script supports a dry-run flag, but the default path broadcasts a transaction to CEOVault. That is expected for a DeFi governance skill, but the action is high-impact and the artifacts show no explicit confirmation gate between the dry-run check and the writeContract call.

Skill content
if (dryRun) { ... return; }

const hash = await walletClient.writeContract({
  address: CEO_VAULT,
  abi: CEO_VAULT_ABI,
  functionName: "registerProposal",
Recommendation

Run with --dry-run first, inspect the proposal actions and URI, and require explicit confirmation before broadcasting any transaction.

What this means

Installing this skill as documented may add extra skills and npm packages that were not part of the main skill’s install metadata.

Why it was flagged

The skill asks users to install companion skills and npm dependencies even though the registry lists no install spec. This is disclosed in SKILL.md and related to the protocol workflow, but it expands the trusted code base beyond what the registry metadata describes.

Skill content
Install these companion skills from ClawHub... clawhub install fabriziogianni7/8004-skill-monad ... clawhub install fabriziogianni7/pond3r-skill ... run `cd scripts && npm install` once
Recommendation

Review the companion skills and the npm lockfile before installing, and install in a controlled environment (a container or VM with no access to your main wallet) so that install-time scripts cannot reach anything valuable.
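Reviewing the lockfile before running `npm install` can be partly automated. The block below is an added example, not code from the skill or from ClawHub: it reads a package-lock.json (lockfileVersion 2 or 3, which carries a `packages` map) and flags dependencies that resolve outside the public npm registry, that lack an integrity hash, that are symlinks to local paths, or that npm has marked with `hasInstallScript`. The registry URL default and the sample lockfile are constructed for this example; the package names in it are hypothetical.

```typescript
// Added example: pre-install audit of a package-lock.json.
// Assumed (constructed here): the sample lockfile and the registry URL.

interface LockPackage {
  version?: string;
  resolved?: string;
  integrity?: string;
  link?: boolean;
  hasInstallScript?: boolean;
}

interface Lockfile {
  lockfileVersion?: number;
  packages?: Record<string, LockPackage>;
}

export interface LockFinding {
  name: string;
  issue: "non-registry-source" | "missing-integrity" | "install-script" | "symlink";
  detail: string;
}

// Walks every installed package recorded in the lockfile and returns the
// findings a reviewer should look at before trusting the install.
export function auditLockfile(lockText: string, registry = "https://registry.npmjs.org/"): LockFinding[] {
  const lock = JSON.parse(lockText) as Lockfile;
  if (!lock.packages) throw new Error("expected lockfileVersion 2 or 3 with a packages map");
  const findings: LockFinding[] = [];
  for (const [path, pkg] of Object.entries(lock.packages)) {
    if (path === "") continue; // the root project itself
    const name = path.replace(/^.*node_modules\//, "");
    if (pkg.link) {
      // Symlinked workspace or local path: code is not pinned by hash at all.
      findings.push({ name, issue: "symlink", detail: `links to ${pkg.resolved ?? "unknown path"}` });
      continue;
    }
    if (!pkg.resolved || !pkg.resolved.startsWith(registry)) {
      findings.push({ name, issue: "non-registry-source", detail: pkg.resolved ?? "no resolved url" });
    }
    if (!pkg.integrity) {
      findings.push({ name, issue: "missing-integrity", detail: "no integrity hash; tarball is not pinned" });
    }
    if (pkg.hasInstallScript) {
      findings.push({ name, issue: "install-script", detail: "runs lifecycle scripts on npm install" });
    }
  }
  return findings;
}

// Constructed sample lockfile (hypothetical package names and hashes).
export const SAMPLE_LOCKFILE = JSON.stringify({
  name: "example-protocol-scripts",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-protocol-scripts" },
    "node_modules/example-rpc-client": {
      version: "1.2.3",
      resolved: "https://registry.npmjs.org/example-rpc-client/-/example-rpc-client-1.2.3.tgz",
      integrity: "sha512-AAAAconstructedAAAA",
    },
    "node_modules/helper-lib": {
      version: "1.0.0",
      resolved: "git+ssh://git@github.com/example/helper-lib.git#abc123",
    },
    "node_modules/native-thing": {
      version: "0.3.1",
      resolved: "https://registry.npmjs.org/native-thing/-/native-thing-0.3.1.tgz",
      integrity: "sha512-BBBBconstructedBBBB",
      hasInstallScript: true,
    },
    "node_modules/local-skill": { resolved: "../companion", link: true },
  },
});

// Stand-alone demo.
for (const f of auditLockfile(SAMPLE_LOCKFILE)) {
  console.log(`${f.issue.padEnd(20)} ${f.name}: ${f.detail}`);
}
```

Run this against `scripts/package-lock.json` before the `npm install` step the skill asks for. Packages flagged `install-script` are the ones whose code executes at install time, so they deserve a manual read; if the list is acceptable, `npm ci --ignore-scripts` in the controlled environment installs exactly the pinned tree without running those scripts.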