Skill v1.0.0

ClawScan security

Sui JSON-RPC Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 11:24 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests, instructions, and included files are coherent with its stated read-only Sui JSON-RPC/pubsub purpose and do not ask for unrelated credentials or installs.
Guidance
This skill appears to do only read-only Sui JSON-RPC discovery and subscriptions via the uxc tool. Before installing or using it: ensure you have uxc installed and trust the public endpoint (https://fullnode.mainnet.sui.io); validate any wss:// websocket endpoints with your provider before subscribing; be aware that subscription sinks write to $HOME/.uxc/subscriptions (so check file permissions and disk use); do not repoint the workflow to private or authenticated RPC providers without reviewing their auth model (the skill explicitly warns about that). The included scripts/validate.sh are local validation helpers (they require ripgrep/rg) and are not an installer; review them before running. Overall, nothing here requests unrelated credentials or hidden endpoints.

Review Dimensions

Purpose & Capability
ok: Name/description match the actual behavior: read-only JSON-RPC calls and pubsub subscriptions via the uxc tool against the public Sui fullnode. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
ok: SKILL.md limits actions to discovery, read methods, and subscription sinks; it explicitly forbids unsafe/write/signing flows and instructs operators to verify WebSocket endpoints. It references only uxc, the public host, and local sink files.
Install Mechanism
ok: Instruction-only skill (no install spec). The only included script is a small validation helper; nothing is downloaded or written by the skill itself.
Credentials
ok: No environment variables, credentials, or config paths are required. The skill's use of $HOME/.uxc for subscription sinks is consistent with its purpose.
Persistence & Privilege
ok: always is false, and the skill does not request elevated or persistent platform privileges or modify other skills' configuration.