v1.0.0

Lsp28 Grid

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:52 AM.

Analysis

The skill appears purpose-aligned, but it requires a controller private key and sends mainnet transactions that change a Universal Profile grid while those sensitive permissions are under-declared.

Guidance

Review this skill before installing or running it. Only use a least-privileged LUKSO controller key, verify the Key Manager and RPC endpoint, inspect the exact grid JSON and URLs, and prefer a dry run or manual transaction review before broadcasting to mainnet.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
scripts/update-grid.js
const tx = await keyManager.execute(setDataCalldata);
console.log('Transaction:', tx.hash);

const receipt = await tx.wait();

The script sends the encoded setData call through the Key Manager and waits for confirmation. There is no built-in confirmation prompt, dry run, chain check, target-profile check, or validation before performing the mainnet mutation.

User impact: A simple command can overwrite the public grid layout, potentially adding unintended iframe or external URLs and spending gas on an on-chain update.

Recommendation: Add an explicit approval step showing the target chain, Key Manager, decoded grid JSON, data key, gas estimate, and current-versus-new grid before sending the transaction.

Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
scripts/update-grid.js
const { ethers } = require('ethers');

The script depends on the ethers package, but the supplied registry information says there is no install spec and the manifest does not include a package file or lockfile.

User impact: Users may need to install dependencies themselves, which leaves package version and provenance choices outside the reviewed artifact set.

Recommendation: Provide a package.json and lockfile or documented pinned dependency versions, and install dependencies from trusted sources only.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High. Confidence: High. Status: Concern.
scripts/update-grid.js
const PRIVATE_KEY = process.env.UP_PRIVATE_KEY || 'YOUR_CONTROLLER_PRIVATE_KEY';
...
const wallet = new ethers.Wallet(PRIVATE_KEY, provider);

The script uses a Universal Profile controller private key to sign transactions. This is high-impact account authority, yet the registry metadata declares no primary credential or required environment variables.

User impact: Using this skill may require exposing a controller private key to the agent environment; if that key is over-scoped, it could authorize more than just the intended grid update.

Recommendation: Use a least-privileged controller key limited to the needed LSP28 setData action, declare the credential requirement clearly, avoid hard-coding private keys in files, and verify the Key Manager address before use.