FarmDash Trail Marshal
ReviewAudited by ClawScan on May 13, 2026.
Overview
This is mostly a read-only DeFi recipe catalog, but its detailed trading/bridging workflow steps are fetched at runtime rather than shown in the reviewed artifact.
Install only if you are comfortable with a DeFi orchestration cookbook that fetches its detailed workflows from FarmDash at runtime. Before approving any companion skill action, ask to see the full step graph, verify the exact asset, chain, amount, route, and risk, and never provide private keys or seed phrases.
Publisher note
FarmDash Trail Marshal is the strategic composition layer of the FarmDash agent stack. When a user says "Hyperliquid is hot, I have $10k, set me up," a single skill can't answer — the agent must research the protocol, ground the plan in current balances, swap into position, and optionally hedge. Trail Marshal documents that exact orchestration as a named workflow the agent can execute with one user confirmation, instead of forcing the LLM to invent the sequence in its prompt. Ten ready-made farming workflows: research_only, airdrop_rotation, farm_hyperliquid, farm_solana_restaking, delta_neutral_setup, funding_capture, protect_portfolio, idle_capital_deploy, migrate_chain, bounded_autopilot. Read-only by design. Trail Marshal never signs anything itself — every state-changing step still requires explicit user signature through the appropriate execution skill (Signal Architect for spot, Futures Strategist for perps). v0.1 is the cookbook; v1.0 will add the real orchestrator engine. Companion skills: FarmDash Trail Intelligence, FarmDash Wagon Steward, FarmDash Signal Architect, FarmDash Futures Strategist.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A changed or compromised remote catalog could influence the agent's suggested sequence for high-impact DeFi actions before the user sees the final confirmations.
The important workflow instructions are supplied by a remote runtime catalog rather than the reviewed artifact. Because those recipes can steer other skills toward swaps, perps, bridging, or autopilot-style workflows, users and reviewers cannot fully inspect or pin the operational logic from the supplied artifacts.
The detailed `stepGraph` for each recipe is delivered at runtime as part of the `list_workflows` JSON response and is not embedded in this contract document. Agents fetch the catalog once per session and cache it.
Treat the runtime workflow JSON as untrusted until reviewed. Prefer pinned/versioned workflow definitions, show the full step graph to the user before any execution handoff, and require separate confirmation for every financial action.
If used with companion execution skills, the agent may guide a workflow that changes wallet positions or moves funds.
The cookbook is designed to coordinate multiple tools, including tools that can trade, open perps, or move assets. This is disclosed and purpose-aligned, but it is high-impact tool chaining.
`airdrop_rotation` | Compare farming candidates and rotate via the user's separately-installed swap skill ... `delta_neutral_setup` | Coordinate a paired spot + perp position via separately-installed sub-skills
Confirm each swap, bridge, perp, or allowance action individually, and verify the companion skill's permissions before approving execution.
Using a public wallet address may reveal balances or transaction history to services involved in the workflow.
The skill discloses wallet-scoped use and says it does not need private credentials. A public wallet address is not a secret, but it can expose portfolio activity and links the workflow to a user's on-chain identity.
Trail Marshal v0.1 requires only the user's public wallet address for wallet-scoped recipes. It does not request, accept, or transmit any other credentials.
Use a wallet address you are comfortable analyzing in this context, and never provide seed phrases, private keys, or signing authority directly to this cookbook skill.
A stale or unexpected cached recipe could keep steering recommendations later in the conversation.
Remote workflow content is retained in the session context and can continue influencing the agent's decisions during that session. The artifact does not show long-term storage of user data, so this is a note rather than a standalone concern.
Agents fetch the catalog once per session and cache it.
Have the agent display the current workflow steps before acting, and refresh or discard cached recipes if the conversation goal changes.