ClawDex Trading
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Solana trading helper, but it can install and run an unpinned external CLI that uses a local wallet key to execute real crypto swaps without a clear final human approval boundary.
Only install this if you are comfortable with an external npm CLI controlling a Solana trading wallet. Prefer a new, low-balance wallet, pin and verify the ClawDex package before use, set strict trading guardrails, and require manual confirmation before every real swap.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: The agent could submit an irreversible token trade if it decides the simulated result looks acceptable.
The skill instructs the agent to execute real swaps using --yes, which bypasses interactive confirmation, based on the agent's assessment of the simulation rather than a required final user approval.
Evidence (from SKILL.md):
4. **Execute** — `clawdex swap --yes --json` — only if simulation looks good
Recommendation: Require explicit user confirmation after quote and simulation, including exact token pair, amount, slippage, estimated output, fees, and wallet, before any command using --yes.

Finding 2: A CLI with access to the wallet key can sign transactions and spend or swap funds from that wallet.
The skill directs the CLI to use an API key and the user's local Solana wallet key file, granting authority over funds; the supplied metadata declares no credentials, env vars, or config paths.
Evidence (from SKILL.md):
clawdex onboarding \
--jupiter-api-key "$JUPITER_API_KEY" \
--rpc "${SOLANA_RPC_URL:-https://api.mainnet-beta.solana.com}" \
--wallet ~/.config/solana/id.json \
--json
Recommendation: Use a dedicated low-balance trading wallet, declare required credentials and config paths, and document exactly how the wallet key and API key are used and protected.

Finding 3: A changed or malicious npm package could run code locally and interact with the same wallet and trading workflow.
The skill installs an unpinned latest-version npm package globally at setup time, while the submitted artifact contains no reviewed code, lockfile, install spec, homepage, or source provenance.
Evidence (from SKILL.md):
which clawdex || npm install -g clawdex@latest
Recommendation: Pin the package version, provide a verifiable source/homepage and install spec, and avoid installing or running external trading software until the user has reviewed and approved it.
