Skill v1.0.0

ClawScan security

HypurrFi · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 4:01 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, files, and runtime instructions are coherent with a DeFi wallet/lending tool; it does not request unrelated credentials or hidden network exfiltration, but it will create and store a plaintext private key file and requires installing npm dependencies and using an external RPC node — both are normal for this kind of tool and need user caution.
Guidance
This skill appears to be what it says: a CLI wallet/DeFi client for HyperEVM. Before installing or running it, consider the following:
1) The setup script will generate and store your private key in plaintext at ~/.hyperliquid-wallet.json (file mode 600). Treat that file as extremely sensitive — do not use your main funds without testing first.
2) npm install will pull dependencies from the public registry (viem and others); only run npm install if you trust the source.
3) The scripts talk to the HyperEVM RPC (https://rpc.hyperliquid.xyz/evm). A malicious or compromised RPC could misreport state or censor transactions; verify the RPC endpoint is trustworthy if you use large amounts.
4) Inspect the GitHub repo (https://github.com/hypurrfi/hypurrfi-skill) and hosting/site links to confirm they match the distributed code and project.
5) When running commands, avoid using --yes until you have tested preview modes and are comfortable with the wallet and balances.
If you need lower risk, run the scripts on an isolated machine or with a wallet that holds only test/faucet funds.
Findings
[pre-scan-none] expected: No pre-scan regex findings were detected. The code does perform file I/O (writeFileSync, readFileSync, chmodSync) for wallet persistence and network calls to an RPC (https://rpc.hyperliquid.xyz/evm) — these are expected for a DeFi wallet skill.

Review Dimensions

Purpose & Capability
ok
Name/description match the code and scripts: all files implement deposit/withdraw/borrow/repay/position/health flows against HyperEVM markets. Required binary (node) is appropriate. No unrelated environment variables or cloud credentials are requested.
Instruction Scope
note
SKILL.md explicitly instructs cloning the repo and running npm install and the provided node scripts. The runtime instructions and scripts operate only against the blockchain RPC and local wallet file; they do not attempt to read unrelated system files or send data to unexpected external endpoints. They do, however, create and read a wallet private key file (~/.hyperliquid-wallet.json) and will sign/send transactions when run with the --yes flag.
Install Mechanism
note
There is no platform install spec, but SKILL.md requires git clone and npm install. Dependencies come from the public npm registry (viem and its deps). This is a reasonable and expected install method for a Node-based blockchain tool, but pulling npm packages is a moderate-risk action and should be done from a trustworthy network and registry.
Credentials
note
The skill requests no environment credentials. It does implicitly use process.env.HOME to build a wallet path and writes a plaintext private key JSON file (~/.hyperliquid-wallet.json) protected with chmod 600. Storing a private key on disk is expected for a CLI wallet but is high-sensitivity: anyone with file access or a malicious process could read it. The skill code itself does not contain logic that exfiltrates the private key to other hosts.
Persistence & Privilege
ok
The skill does not request always:true and does not alter other skills or system-wide settings. It creates a wallet file under the user's home directory and uses it to sign transactions — expected behavior for a wallet client.