juicy
v1.0.0
Complete Juicebox V5 protocol skills collection. Build, deploy, and interact with Juicebox projects, revnets, hooks, and omnichain deployments. Includes API reference, implementation details, UI generation, and GraphQL queries.
⭐ 1 · 1.9k · 0 current · 0 all-time
by @mejango
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name/description (Juicebox V5 tooling and UIs) aligns with the provided instruction files and templates, but several SKILL.md files reference third-party APIs (Relayr, Bendystraw, Juicerkle, Juicerkle hosted on railway.app, relayr.ba5ed.com, bendystraw.xyz) and an API key for Bendystraw. The registry metadata declares no required environment variables or credentials; yet the instructions explicitly say an API key is required for some services. That mismatch (referencing credentials/services but not declaring them) is unexpected and worth flagging.
Instruction Scope
The instruction-only skill includes runnable browser/JS templates that: (a) call external HTTP APIs, (b) instruct users to sign EIP-712 typed data (forward requests) and to write/send on-chain transactions from the user's wallet, and (c) fetch merkle proofs from third-party endpoints. These are coherent with building UIs, but the templates instruct signing opaque forward requests and encoding calldata (e.g., forwarder.execute(...)) without strong guidance to validate the target forwarder/controller addresses, calldata contents, or the downstream relayer behavior. That grants substantial discretion to whatever service consumes the signed payload and is a potential phishing/exfiltration vector if endpoints are untrusted.
Install Mechanism
There is no install spec and no code files to write to disk—this is instruction-only. That reduces risk from installer downloads or arbitrary code execution on install.
Credentials
The SKILL.md content references external API keys (Bendystraw) and third-party endpoints but the skill metadata declares no required env vars or primary credential. Additionally, the runtime templates rely on the user's browser wallet (window.ethereum) to sign transactions and typed data; while wallet interaction is expected for this purpose, the skill does not document or constrain which relayer/forwarder addresses are safe. The lack of declared credentials and provenance for the external services is disproportionate given the skill's runtime behavior.
Persistence & Privilege
The skill is not always-on, has no install, and does not request persistent agent privileges. Default autonomous invocation is allowed but not combined with other privilege escalation indicators here.
What to consider before installing
This collection appears to be a legitimate set of templates and documentation for Juicebox V5 UIs, but there are a few red flags you should consider before using or installing it:
- External endpoints: Several templates call third-party services (Relayr at api.relayr.ba5ed.com, Bendystraw at bendystraw.xyz, Juicerkle at a railway.app domain). These services would receive transaction metadata, addresses, proofs, and potentially signed payloads. Verify the operators of those endpoints and prefer official, audited services.
- Undeclared API keys / credentials: The docs say a Bendystraw API key is required and to use a server-side proxy, but the skill metadata declares no required env vars. If you must supply keys, do so only to services you control or trust; do not paste secrets into untrusted UIs.
- Wallet signing risk: The UI templates instruct users to sign EIP-712 forward requests and arbitrary calldata. Signed forward requests can be executed by relayers/forwarders and may perform arbitrary on-chain actions. Never sign requests unless you have verified the exact domain, target forwarder contract address, controller/target contract addresses, and the calldata contents. Prefer local previews of the decoded calldata and explicit human-readable confirmation before signing.
- Third-party proof endpoints: The Juicerkle/claims endpoint is used to fetch Merkle proofs. A malicious or compromised proof service could return incorrect proofs or record beneficiary addresses. If possible, fetch proofs from an official server or run your own proof service.
- What would reduce risk: provenance (homepage, source repo, maintainer identity), official/verified endpoints (and the skill declaring required env vars for API keys), or clear warnings in SKILL.md about verifying forwarder/controller addresses and not signing unknown requests. If this skill comes from an official Juicebox organization or an audited repo, that would raise confidence.
Recommendation: treat the skill as useful but potentially risky—do not use those templates with real funds or sign opaque requests until you validate each external service and the on-chain target contracts. If you only want the documentation snippets (no live endpoints), review the SKILL.md files offline and remove/replace external URLs with your own trusted services before use.
Tags: buisiness, campaigns, capital-formation, fundraising, juicebox, latest, revenue, revnets
