Multichain Protocol
Pending: Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent mistake, prompt misunderstanding, or wrong recipient could send real crypto funds to the wrong place.
The script converts a supplied amount and recipient into a live canister call that sends crypto; the visible code does not show a confirmation prompt, dry-run, allowlist, or recipient/amount validation before the irreversible transfer.
print(f"Sending {amount} SOL ({lamports} lamports) to {to_address}..."); output = dfx_call("sendSolTransaction", f'("{to_address}", {lamports})')
Require explicit user confirmation for every send, swap, bridge, or DeFi mutation; add transaction previews, address validation, chain checks, amount limits, and safe defaults.
Users must trust an opaque external canister for wallet behavior; if it is wrong, compromised, or changes unexpectedly, funds could be mishandled.
Wallet operations depend on a fixed external mainnet canister, while the supplied artifacts only include the skill file and Python wrapper and the registry lists the source as unknown/no homepage, leaving transaction-signing provenance unverifiable from the artifacts.
Powered by Menese Protocol | Canister ID (mainnet): `urs2a-ziaaa-aaaad-aembq-cai`
Provide verifiable canister source, Candid interface, module hash, audit/provenance links, upgrade/change-control details, and clear custody/trust assumptions before users fund addresses.
A recurring strategy could continue buying, selling, or rebalancing after the user’s original intent changes, potentially losing funds over time.
The documentation encourages persistent automated trading through timers/bots, but the provided artifacts do not show required stop conditions, cancellation controls, spending caps, or periodic human review.
"set up a DCA: buy $50 of BTC every day" ... "Automation | ICP timers for DCA/rebalance/bots"
Require explicit automation setup with duration, maximum total spend/loss, per-action limits, pause/cancel commands, and scheduled confirmations.
Using the wrong dfx identity or an identity with existing responsibilities could expose more authority than intended.
The skill uses the selected local dfx identity as the wallet authority. This is purpose-aligned, but users should understand that the identity/principal is tied to wallet control and real transactions.
dfx identity new my-wallet; dfx identity use my-wallet ... "No accounts needed, no wallets to set up — dfx handles everything."
Use a fresh, low-balance dfx identity dedicated to this skill; verify the active identity before every transaction and avoid sharing it with unrelated canister/admin work.
Installing dfx this way gives the remote installer the user’s local execution privileges.
The setup instructs the user to execute a remote installer script. This is a common dfx installation pattern and is purpose-aligned, but it still runs downloaded code on the local machine.
sh -ci "$(curl -fsSL https://internetcomputer.org/install.sh)"
Install dfx from the official Internet Computer documentation, inspect or pin installer versions where possible, and run setup in a contained environment.
Public RPC providers may be able to correlate wallet activity, IP/network metadata, or submitted transactions.
The skill uses public/provider RPC endpoints for EVM-chain operations. This is disclosed and purpose-aligned, but those providers may observe wallet-related queries or transactions.
EVM_RPCS = { "ethereum": {"rpc": "https://eth.llamarpc.com", "chain_id": 1}, "arbitrum": {"rpc": "https://arb1.arbitrum.io/rpc", "chain_id": 42161} }
Use trusted private RPC endpoints for production wallets and understand what wallet data is sent to each provider.
