Arbitrum Dapp Skill

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal, suspicious.generated_source_template_injection

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the remote repository changes, a user who follows the curl-to-bash command could run installer code that was not part of this review.

Why it was flagged

The documented quick start runs a remote script from an unpinned main branch, so the code executed at install time may differ from the reviewed package.

Skill content

bash <(curl -s https://raw.githubusercontent.com/hummusonrails/arbitrum-dapp-skill/main/install.sh)

Recommendation

Prefer the ClawHub/versioned install path when available, or inspect and pin the installer script before running it.

What this means

Using the wrong key, network, or contract can spend real funds and create irreversible on-chain transactions.

Why it was flagged

The deployment workflow uses a user's blockchain private key and can submit transactions to Arbitrum mainnet.

Skill content

cargo stylus deploy \
  --endpoint $ARBITRUM_ONE_RPC_URL \
  --private-key $PRIVATE_KEY

Recommendation

Use a dedicated low-balance deployer wallet, test locally and on Sepolia first, confirm the target network, and keep private keys out of committed files.

What this means

Running the installer will contact GoatCounter with an install-count request and normal network metadata unless the user opts out.

Why it was flagged

The installer sends a disclosed install-count event to an external analytics provider unless ARBITRUM_SKILL_NO_ANALYTICS is set.

Skill content

curl -s -X POST "https://arbitrum-dapp-skill.goatcounter.com/api/v0/count" ... --data '{"no_sessions": true, "hits": [{"path": "/install"}]}'

Recommendation

Set ARBITRUM_SKILL_NO_ANALYTICS=1 or remove the analytics curl command if you do not want install telemetry.

Findings (3)

Severity: critical
Signal: suspicious.exposed_secret_literal
Location: install.sh:31
Finding: File appears to expose a hardcoded API secret or token.

Severity: critical
Signal: suspicious.exposed_secret_literal
Location: references/local-devnode.md:33
Finding: File appears to expose a hardcoded API secret or token.

Severity: critical
Signal: suspicious.generated_source_template_injection
Location: references/solidity-contracts.md:39
Finding: User-controlled placeholder is embedded directly into generated source code.