skillet
Warn
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent PancakeSwap trading skill, but it gives the agent persistent control of funded blockchain keys and does not clearly show transaction limits or approval safeguards.
Treat this as a high-risk financial automation skill. If you install it, use only a new low-balance wallet, test on BSC testnet first, never reuse an important private key, verify every token address and transaction, and require explicit approval before any mainnet swap or ClawChain registration.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent makes a mistake or the wallet file is exposed, the user could lose BNB or tokens sent to this wallet.
A funded blockchain private key gives whoever controls the agent or file the ability to sign irreversible transactions. This is high-impact credential authority and is not bounded in the provided artifacts.
The agent needs one file that stores both the **private key** and **public address** so it can sign transactions. ... Default file location: `~/.config/bsc_agent/wallet.json`.
Do not fund this wallet with more than you can afford to lose. Require explicit per-transaction approval, use a fresh low-balance wallet, prefer testnet first, and make the skill declare all credential/config paths.
The agent could perform unintended or risky trades on mainnet, including swaps involving the wrong token or poor liquidity.
Broad trading authority across tokens and liquidity pairs is consistent with the stated purpose, but the provided artifacts do not show clear user confirmation, spend limits, token allowlists, or containment for high-impact swap actions.
The agent is not limited to specific tokens — it can resolve token addresses and check which pairs have liquidity.
Add mandatory user confirmation for every swap, maximum spend and slippage limits, verified token-address allowlists, and a testnet-first workflow.
The agent may use the user's ClawChain authenticated session or credential file to register wallet data, creating account-level changes outside PancakeSwap itself.
The skill invokes an authenticated Chromia/ClawChain transaction using a local credential file. This may be purpose-related for event tracking, but it is another account authority not declared in the registry metadata.
`chr tx register_evm_public_key ... --ft-auth --secret ~/.config/clawchain/credentials.json ... --await`
Require explicit user approval before using ClawChain credentials, document the exact account action, and declare the credential path and required permissions.
A compromised or unexpected package version could affect wallet generation or transaction signing.
Installing ethers is expected for blockchain wallet and transaction handling, but the instruction is unpinned and outside an install spec or lockfile.
Prerequisite: Node.js 18+ with `ethers` (v6): `npm install ethers`
Install dependencies in an isolated project, pin exact versions, use a lockfile, and verify package provenance before generating or funding a wallet.
