Skill v1.0.0
ClawScan security
XRPL Transaction Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 8:50 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are consistent with a transaction-builder for the XRP Ledger, but it relies on third-party endpoints and a runtime npm install (no provenance), so exercise caution before using it with real funds.
- Guidance: This SKILL.md appears coherent for building and submitting XRPL transactions, but it comes from an unknown source and is instruction-only. Before using it with real funds: (1) prefer official/public XRPL endpoints (or run your own node) rather than unverified wss:// nodes like xrplcluster.com; (2) never paste or store private keys in the agent—use the external wallet (Xaman) signing workflow and verify the signed blob yourself; (3) review and pin the xrpl npm package version and inspect its source (use package-lock, verify maintainers or GitHub repo) before running npm install; (4) test on XRPL Testnet first; (5) if you need higher assurance, ask the publisher for source/homepage or use a well-known library/example from the official XRPL docs.
Review Dimensions
- Purpose & Capability (ok): Name/description match the SKILL.md examples: building Payment and NFT transactions, signing with an external wallet (Xaman), and submitting to XRPL nodes. There are no unrelated credentials or binaries requested.
- Instruction Scope (note): The SKILL.md stays within XRPL transaction-building and submission. It references an external signing step (Xaman) rather than handling private keys, which is appropriate. However, the instructions are minimal (no client.connect example, no error handling) and point to a non-official RPC endpoint (wss://xrplcluster.com) in addition to Ripple's s1.ripple.com — using untrusted nodes could expose transaction metadata or introduce a malicious relay.
- Install Mechanism (note): The skill is instruction-only (no install spec), but instructs running `npm install xrpl`. That pulls code from the npm registry at runtime — expected for a JS XRPL client but a moderate risk if you don't verify package provenance and version. No archive downloads or obscure URLs are used.
- Credentials (ok): No environment variables, credentials, or config paths are requested by the skill. The design avoids asking for private keys by indicating the wallet (Xaman) performs signing, which is proportionate to the stated purpose.
- Persistence & Privilege (ok): `always` is false and there is no install-time persistence specified. The skill does not request elevated or permanent platform privileges.
