orca-lp
Review
Audited by ClawScan on May 3, 2026.
Overview
The skill is transparent and purpose-aligned, but it can run local TypeScript and sign real Solana DeFi transactions if you provide a wallet keypair.
Install/use this skill for Orca analytics safely in read-only mode. For writes, treat it like any tool that can spend crypto: use a small dedicated wallet, review generated code and dependencies, verify every address and amount, and only run commands with --confirm after you personally approve the transaction plan.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you set KEYPAIR_PATH, the skill can use that wallet to move assets or change Orca LP positions when a write command is confirmed.
Providing KEYPAIR_PATH gives the generated scripts authority to sign Solana transactions from that wallet.
`KEYPAIR_PATH` points to a keypair that can sign transactions, so use a small dedicated wallet for write operations.
Keep KEYPAIR_PATH unset for analytics, use a small dedicated wallet for writes, and never point it at a wallet containing more funds than you intend to risk.
Confirmed write runs can irreversibly increase, decrease, collect from, or close LP positions on-chain.
The example playbooks can broadcast on-chain liquidity-management transactions, gated by a --confirm flag.
const CONFIRM = process.argv.includes("--confirm"); ... const txId = await tx.buildAndExecute();
Run quote or dry-run mode first; verify pool addresses, token mints, amounts, slippage, and position mints; then allow --confirm only after explicit user approval.
Generated scripts could access local files or use the wallet keypair if you run them with the relevant environment variables.
The skill is allowed to write and run TypeScript locally using npx, which is central to its documented workflow but still deserves review.
allowed-tools: Read, Write, Edit, Glob, Grep, Bash(npx tsc:*), Bash(npx tsx:*), WebFetch
Inspect generated TypeScript before execution, avoid running unreviewed code with KEYPAIR_PATH set, and use pinned/trusted dependency versions.
