v0.1.0

Agent Market

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 5:29 AM.

Analysis

Review before installing because this skill can use a wallet private key to sign on-chain prediction-market transactions that spend or lock USDC.

Guidance: Treat this as a financial transaction skill. Only connect a dedicated Base Sepolia test wallet, keep minimal funds in it, verify the contract/RPC settings, and require explicit approval before any buy, sell, liquidity, market-creation, or oracle-resolution action.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
market_buy_yes({ marketAddress, amount: 5 }) — Bet 5 USDC on YES ... market_propose_outcome({ marketAddress, outcome: true }) — Propose YES won (posts bond)

The documented tools perform on-chain financial actions, including bets and bonded oracle proposals. The provided artifacts do not show hard limits, reversibility, or explicit approval requirements for these high-impact actions.

User impact: A mistaken or overbroad agent invocation could spend, lock, or risk wallet funds and affect public market outcomes.
Recommendation: Require explicit user confirmation for every transaction, verify market addresses and amounts, and keep balances small.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
index.ts
const PRIVATE_KEY = process.env.WALLET_PRIVATE_KEY as `0x${string}`; ... const account = PRIVATE_KEY ? privateKeyToAccount(PRIVATE_KEY) : undefined;

The skill directly consumes a wallet private key and turns it into a signing account, granting transaction authority over that wallet. This is especially sensitive because the registry metadata declares no required env vars or primary credential.

User impact: If configured with a real or reused private key, the agent can sign blockchain transactions from that wallet.
Recommendation: Use only a dedicated testnet wallet with limited funds, never reuse a mainnet/private wallet key, and confirm that the registry metadata accurately declares the required private-key credential.