Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Cross-Chain Arbitrage CN | 跨链套利
v1.0.0
Cross-Chain Arbitrage. Uniswap cross-chain arbitrage opportunities. Find price differences across chains. Trigger words: 跨链 (cross-chain), 套利 (arbitrage), Uniswap, arbitrage.
by Guohongbin (@guohongbin-git)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose is full pipeline arbitrage including on-chain execution and cross-chain settlement. However, it declares no required environment variables, no config paths, and no code — yet execution of trades normally requires wallet access/private keys or an external custody integration. The allowed-tools (mcp__uniswap__*, cross-chain-executor subagent) might imply platform-managed tooling, but the SKILL.md does not explain how transaction signing/privilege is obtained or how funds are controlled. Also _meta.json ownerId differs from the registry ownerId in the manifest, and the source/homepage are unknown — metadata inconsistencies increase concern about provenance.
Instruction Scope
SKILL.md describes scanning, cost accounting, risk assessment, and an 'execute' mode that will 'assess risk, and execute if profitable' using ERC-7683. The instructions appear focused on the declared task (scan → risk → execute) and include a 'scan-only' mode. However, the runtime instructions do not explicitly state how signing/authorization is handled (e.g., user wallet prompts, platform custody, or required approvals), nor do they enumerate what external endpoints or services are called beyond Uniswap/bridges. That omission grants broad operational discretion to the agent unless the platform enforces constraints.
Install Mechanism
No install spec and no code files — this is an instruction-only skill, so nothing will be downloaded or written during install. That reduces code-execution risk from the skill bundle itself. The README suggests a GitHub-based install command, but the installed package contents were not provided here.
Credentials
For on-chain execution the skill should normally declare required credentials (private key, wallet provider, RPC keys, or integration with a custody provider). It lists none. Requiring no env vars is disproportionate given the ability to execute trades. If the platform provides agent custody or signing via 'mcp' tools, that should be documented; absence of that explanation is a red flag. The mismatch between manifest ownerId and _meta.json ownerId also creates provenance uncertainty.
Persistence & Privilege
always is false (good). Model invocation is enabled (default) so the skill can be used autonomously by the agent — this is expected for skills but increases risk if execution privileges are available. The skill lists subagent Task types which allow spawning specialized tasks; depending on platform controls this could enable multi-step autonomous actions. No evidence the skill modifies other skills or system configs.
What to consider before installing
Do not grant signing keys or automatic trade execution permissions to this skill without answers to these questions: (1) How are transactions signed? (platform custody, user wallet prompt, or do you need private keys/env vars?) (2) Which RPC endpoints, bridges, and external services will be called, and are they documented? (3) Who runs/owns the code and where is the source repository for audit? Before enabling execution, require: (a) run in scan-only mode to verify outputs, (b) manual, explicit confirmation for any execution (no silent signing), (c) audits of any platform 'mcp' tools that will perform trades, and (d) test on small amounts or testnets. The metadata owner mismatch and missing provenance are additional reasons to verify the upstream repository and author identity before trusting this skill with funds.
Like a lobster shell, security has layers — review code before you run it.
Tags: arbitrage, chinese, defi, latest
Runtime requirements
⛓️ Clawdis
