Back to skill
Skillv1.0.0
ClawScan security
Ts Sdk View And Query · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 7:37 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This is a documentation-only skill for read-only Aptos TypeScript SDK queries and does not request installation, credentials, persistence, or system access.
- Guidance
- This appears safe to install from a security perspective as a read-only reference skill. As with any blockchain guidance, verify addresses, module names, and SDK behavior against official Aptos documentation before relying on outputs for important decisions.
Review Dimensions
- Purpose & Capability
- okThe stated purpose and examples are coherent: they guide read-only Aptos SDK calls such as getBalance(), getAccountInfo(), getAccountResources(), getAccountModules(), getModule(), and view().
- Instruction Scope
- okThe instructions focus on API usage, type handling, and avoiding deprecated methods; they do not direct the agent to override user intent, execute unrelated actions, or perform mutations.
- Install Mechanism
- okNo install specification, binaries, dependencies, helper scripts, or code files are present; the skill is instruction-only.
- Credentials
- okThe metadata declares no required environment variables, credentials, config paths, or OS-specific capabilities, which is proportionate for SDK documentation/examples.
- Persistence & Privilege
- okThe artifacts show no persistence, background workers, privileged local access, credential/session use, or account mutation authority.