XRPL Transaction Builder

Pass

Audited by ClawScan on May 10, 2026.

Overview

This instruction-only skill is transparently about building and submitting XRP Ledger transactions, but users should treat it carefully because signed blockchain actions can move funds or change account/NFT state.

Install only if you intend to build XRPL transactions. Verify every transaction in Xaman before signing, especially amount, destination, destination tag, NFT fields, fees, and whether you are using a mainnet endpoint. The reviewed artifact does not show hidden code or credential capture.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a user signs the wrong payload or submits it to the wrong network, funds, NFTs, or account settings could be affected.

Why it was flagged

The skill documents direct submission of a signed XRPL transaction. This is aligned with the skill purpose, but submitted blockchain transactions can move funds or change ledger state and may be hard or impossible to reverse.

Skill content

const result = await client.submit(txBlob);

Recommendation

Before signing or submitting, verify the destination address, amount, destination tag, transaction type, fees, and whether the endpoint is mainnet or testnet.

What this means

A signed wallet payload authorizes a real account action on XRPL.

Why it was flagged

The skill relies on a user's wallet authority through Xaman signing. This is expected for the stated purpose and no private key capture is shown, but wallet approval is a sensitive permission boundary.

Skill content

After user signs with Xaman, submit:

Recommendation

Only sign in Xaman after reviewing the transaction details shown by the wallet and confirming they match the request.

What this means

Users may install whatever version npm resolves at the time, which can affect behavior or security posture.

Why it was flagged

The setup example installs the xrpl package from npm without a pinned version. This is normal for an instruction-only XRPL integration, but package version and provenance are not fixed by the artifact.

Skill content

npm install xrpl

Recommendation

Use a trusted project environment and consider pinning a known xrpl package version.