Skill v1.0.0

ClawScan security

Tokenmonkey Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 12:36 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's requests and instructions line up with its stated purpose (peer-to-peer wagering on Solana) but it requires direct access to a Solana private key and installs an npm SDK you should verify before use.
Guidance
This skill is internally consistent with its gambling purpose, but it requires your Solana private key and installs an npm SDK you don't get to inspect from within the skill bundle. Before installing or enabling it:

1) Do not provide your mainnet private key. Test with a devnet key funded with minimal/test USDC.
2) Inspect the npm package and GitHub repo (tokenmonkey-sdk / https://github.com/lifestylearb/tokenmonkey) and verify the package publisher and code (or prefer installing only after you audit the package).
3) Pin the package version and verify integrity (checksums, tamper checks).
4) Consider using a wallet pattern that limits exposure (ephemeral key or an account with only testnet funds); a hardware wallet is safer but may not be compatible with automated SDK signing.
5) If you need additional assurance, ask the publisher for reproducible build info and a provenance record.

Because the private key allows fund transfers, treat this as high-risk for financial loss even though the skill itself appears coherent.

Review Dimensions

Purpose & Capability
ok: Name/description (Solana P2P wagering) match the declared requirements: node runtime and a Solana private key are expected for signing transactions and managing USDC on Solana.
Instruction Scope
ok: SKILL.md only instructs the agent to install and use tokenmonkey-sdk and to read SOLANA_PRIVATE_KEY for Keypair creation; it does not request unrelated files, system paths, or external endpoints outside the npm package/homepage/GitHub links.
Install Mechanism
note: Install is via npm package tokenmonkey-sdk (moderate risk). Using a package from the public registry is a common pattern, but the skill bundles no code, so the runtime behavior depends entirely on that package; you should verify the package publisher, source repository, and package contents before installing.
Credentials
note: Requesting SOLANA_PRIVATE_KEY is proportionate to the stated functionality (signing txns, claiming payouts). However, a private key grants full control of any funds in the wallet; this is high-sensitivity data. The skill does not request unrelated credentials, but exposing a mainnet private key here is high risk.
Persistence & Privilege
ok: always is false, and the skill does not request system-wide config or modify other skills. Autonomous invocation is allowed (platform default) but is not an added special privilege.