DeAI.au

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its stated DeAI marketplace purpose, but it gives an agent direct wallet-signing power for irreversible on-chain financial transactions without built-in confirmation or tight contract-destination safeguards.

Only install this if you understand that it can let an agent sign real Base blockchain transactions. Use a dedicated low-balance wallet, verify all DeAI contract addresses against the official discovery endpoint, avoid non-interactive password files unless necessary, and require explicit user approval for every token-approval, bid, buy, or listing action.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent invokes these scripts with the configured account, it can place bids, buy assets, approve token spending, or list assets on-chain; those transactions may cost money and may not be reversible.

Why it was flagged

The bidding script directly submits a blockchain transaction using the configured wallet. Similar cast send calls exist for buyNow, createAuction, approve, cancel, settle, and register, but the scripts do not include a final confirmation or dry-run safeguard before irreversible financial actions.

Skill content

TX_HASH=$(cast send "$ASSET_AUCTION_ADDR" \
  "bid(uint256,uint256)" \
  "$AUCTION_ID" "$AMOUNT_RAW" \
  "${CAST_FLAGS[@]}")

Recommendation

Require explicit user approval before any cast send operation, use a dedicated low-balance wallet, review auction IDs and amounts carefully, and consider adding dry-run/confirmation prompts to the scripts.

What this means

A misconfigured or poisoned environment could route approvals or transactions to the wrong contract address while still passing the skill's basic configuration check.

Why it was flagged

The configuration check only verifies that critical contract addresses are set, while transaction scripts later send approvals and marketplace calls to those environment-provided addresses. It does not verify that they match DeAI-published contract addresses.

Skill content

check_addr "AssetAuction" "$DEAI_ASSET_AUCTION_ADDR"
check_addr "Escrow" "$DEAI_ESCROW_ADDR"
check_addr "Identity" "$DEAI_IDENTITY_ADDR"

Recommendation

Compare configured contract addresses against https://deai.au/.well-known/deai.json or the documented reference addresses before signing transactions, and avoid using environment values from untrusted sources.
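The recommendation above amounts to checking values, not just presence. The script below is an added example written for this review; it is not part of the DeAI skill or of ClawScan's output. It verifies that the three addresses the skill reads from the environment are well-formed and equal the published reference before anything is signed. The reference document embedded in it is constructed: the real https://deai.au/.well-known/deai.json may use different field names, so the "contracts" object and every address in it are assumptions, and a real deployment would fetch and pin the live file instead.

```bash
#!/usr/bin/env bash
# Added example, not part of the DeAI skill or of ClawScan's output: verify that
# the contract addresses the skill takes from the environment match a published
# reference before any transaction is signed. The reference document below is
# CONSTRUCTED; the real https://deai.au/.well-known/deai.json may use different
# field names, so "contracts" is an assumption and the addresses are placeholders.
set -u

REFERENCE_JSON='{
  "chainId": 8453,
  "contracts": {
    "AssetAuction": "0xabcdefabcdefabcdefabcdefabcdefabcdefabcd",
    "Escrow":       "0x2222222222222222222222222222222222222222",
    "Identity":     "0x3333333333333333333333333333333333333333"
  }
}'

# Pull one "Name": "0x..." pair out of the reference. A sed extraction is enough
# for a flat object like this one; it is not a general JSON parser.
ref_addr() {
  printf '%s\n' "$REFERENCE_JSON" |
    sed -n 's/.*"'"$1"'"[[:space:]]*:[[:space:]]*"\(0x[0-9a-fA-F]\{40\}\)".*/\1/p' |
    head -n 1
}

# Lower-case hex so a checksummed (mixed-case) address equals its plain form.
lc() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# verify_addr NAME CONFIGURED -> 0 when CONFIGURED is well formed and equals the
# published address for NAME; 1 otherwise, with the reason on stderr.
verify_addr() {
  local name=$1 configured=$2 expected
  if ! printf '%s\n' "$configured" | grep -Eq '^0x[0-9a-fA-F]{40}$'; then
    echo "REJECT $name: '$configured' is not a 20-byte hex address" >&2
    return 1
  fi
  expected=$(ref_addr "$name")
  if [ -z "$expected" ]; then
    echo "REJECT $name: no published reference address" >&2
    return 1
  fi
  if [ "$(lc "$configured")" != "$(lc "$expected")" ]; then
    echo "REJECT $name: configured $configured does not match published $expected" >&2
    return 1
  fi
  echo "OK $name: $configured"
}

# check_all mirrors the skill's three check_addr lines, but tests the values
# rather than only their presence. Returns non-zero if any address is off.
check_all() {
  local rc=0
  verify_addr AssetAuction "${DEAI_ASSET_AUCTION_ADDR:-}" || rc=1
  verify_addr Escrow       "${DEAI_ESCROW_ADDR:-}"        || rc=1
  verify_addr Identity     "${DEAI_IDENTITY_ADDR:-}"      || rc=1
  return "$rc"
}

# Demo with constructed environment values; a real run reads the operator's
# configuration. The subshell keeps the demo values out of the caller's shell.
(
  DEAI_ASSET_AUCTION_ADDR=0xABCDEFABCDEFABCDEFABCDEFABCDEFABCDEFABCD
  DEAI_ESCROW_ADDR=0x2222222222222222222222222222222222222222
  DEAI_IDENTITY_ADDR=0x3333333333333333333333333333333333333333
  check_all
)
```

Run check_all at the top of any script that ends in cast send and abort on a non-zero status; a poisoned .env then fails loudly before the wallet is touched, instead of passing the skill's presence-only check.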

What this means

The configured account can sign transactions that spend tokens, approve allowances, transfer assets, or create marketplace listings.

Why it was flagged

The scripts use a local Foundry keystore account and optionally a password file to sign transactions. This is purpose-aligned for DeAI trading, but it gives the agent high-impact delegated wallet authority, especially when the password file enables non-interactive signing.

Skill content

CAST_FLAGS=(--rpc-url "$DEAI_RPC_URL" --account "$DEAI_ACCOUNT")
if [[ -n "${DEAI_PASSWORD_FILE:-}" ]]; then
  ...
  CAST_FLAGS+=(--password-file "$DEAI_PASSWORD_FILE")
fi

Recommendation

Use a separate DeAI-only wallet with limited funds and allowances, protect any password file with strict permissions, and avoid enabling non-interactive signing unless you have strong operational controls.
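The first finding asks for a confirmation or dry-run step in front of every cast send, and this one asks for tight handling of the password file. The guard below is an added example written for this review; it is not part of the DeAI skill or of ClawScan's output. It wraps a single cast send the way the skill's bid script invokes it, and refuses unattended signing unless the operator has opted in, rejects a password file that group or others can read, prints the exact command in dry-run mode, and otherwise requires a typed "yes". DEAI_RPC_URL, DEAI_ACCOUNT and DEAI_PASSWORD_FILE are the skill's own variables; DEAI_ALLOW_UNATTENDED, DEAI_DRY_RUN and CAST_BIN are names assumed for this example, and the RPC URL, account name and contract address in the demo are constructed.

```bash
#!/usr/bin/env bash
# Added example, not part of the DeAI skill or of ClawScan's output: a guard to
# place in front of each of the skill's cast send calls. It refuses
# non-interactive signing unless the operator opted in, rejects a password file
# that group or others can read, offers a dry run that only prints the command,
# and otherwise demands a typed "yes" before anything is submitted.
# DEAI_ALLOW_UNATTENDED, DEAI_DRY_RUN and CAST_BIN are names assumed for this
# example; DEAI_RPC_URL, DEAI_ACCOUNT and DEAI_PASSWORD_FILE come from the skill.
set -u

CAST_BIN=${CAST_BIN:-cast}   # overridable so the guard can be exercised without Foundry

# password_file_ok FILE -> 0 only if FILE exists and only its owner can read it.
# Columns 5-10 of ls -l are the group and other permission bits on GNU and BSD.
password_file_ok() {
  [ -f "$1" ] || { echo "REJECT: password file $1 not found" >&2; return 1; }
  if [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; then
    echo "REJECT: password file $1 is readable by group or others (want mode 600)" >&2
    return 1
  fi
}

# guarded_send DESCRIPTION CONTRACT SIGNATURE ARGS...
# Prints a summary of the transaction, validates the signing setup, then either
# prints the command (DEAI_DRY_RUN=1) or asks for explicit approval and runs
# cast send. The checks run before the dry-run branch so a dry run also
# validates the configuration.
guarded_send() {
  local desc=$1 contract=$2 answer
  shift 2
  echo "About to sign with account ${DEAI_ACCOUNT:?} via ${DEAI_RPC_URL:?}"
  echo "  action:   $desc"
  echo "  contract: $contract"
  echo "  call:     $*"
  # Same flags the skill builds, appended to the positional call arguments.
  set -- "$@" --rpc-url "$DEAI_RPC_URL" --account "$DEAI_ACCOUNT"
  if [ -n "${DEAI_PASSWORD_FILE:-}" ]; then
    if [ "${DEAI_ALLOW_UNATTENDED:-0}" != 1 ]; then
      echo "REJECT: password file configured but DEAI_ALLOW_UNATTENDED=1 not set; unattended signing stays off" >&2
      return 1
    fi
    password_file_ok "$DEAI_PASSWORD_FILE" || return 1
    set -- "$@" --password-file "$DEAI_PASSWORD_FILE"
  fi
  if [ "${DEAI_DRY_RUN:-0}" = 1 ]; then
    echo "DRY RUN (not sent): $CAST_BIN send $contract $*"
    return 0
  fi
  printf 'Type yes to submit this irreversible transaction: '
  read -r answer
  if [ "$answer" != yes ]; then
    echo "ABORTED: no explicit approval given" >&2
    return 2
  fi
  "$CAST_BIN" send "$contract" "$@"
}

# Demo in dry-run mode with constructed values, so nothing is signed and no
# prompt appears. A real run drops DEAI_DRY_RUN and answers the prompt.
(
  DEAI_RPC_URL=https://rpc.example.invalid
  DEAI_ACCOUNT=deai-trading
  DEAI_DRY_RUN=1
  guarded_send "bid 1000 raw units on auction 42" \
    0x1111111111111111111111111111111111111111 "bid(uint256,uint256)" 42 1000
)
```

The skill's bid line becomes guarded_send "bid" "$ASSET_AUCTION_ADDR" "bid(uint256,uint256)" "$AUCTION_ID" "$AMOUNT_RAW", and the same wrapper serves buyNow, createAuction, approve, cancel, settle and register. An agent driving the script non-interactively hits the prompt and stops unless a human has both set DEAI_ALLOW_UNATTENDED=1 and locked the password file down, which is the operational control this finding asks for.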