FarmDash Wagon Steward
ReviewAudited by ClawScan on May 13, 2026.
Overview
This appears to be a disclosed, read-only DeFi portfolio skill, but it sends wallet-query data to FarmDash and has optional paid monitoring/webhook features users should understand before enabling.
Before installing, be comfortable sharing queried wallet addresses with FarmDash and provide the API key only if you need paid-tier features. Treat rebalancing output as research, not transaction approval, and enable any monitoring or webhook feature only after confirming its destination, duration, and disable controls.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When you ask wallet-related questions, the agent may query FarmDash for a portfolio summary before answering.
The skill instructs the agent to invoke an external portfolio-summary tool automatically in relevant conversations. This matches the portfolio-analysis purpose, but it may happen without a separate narration step.
Agent posture: Always start a wagon-aware conversation by silently calling this tool.
Use the skill only when you intend to share the wallet address with FarmDash, and ensure the agent does not invoke it outside wallet/portfolio tasks.
If you provide the API key, FarmDash can associate requests with your paid/free tier account.
The skill can use an optional FarmDash API credential. The described use is scoped to FarmDash tier identification and is aligned with the service.
FARMDASH_API_KEY: ... Optional Bearer token used for Pioneer-tier rate limits and full position depth ... sent only as an Authorization header to https://www.farmdash.one
Store the token securely, provide it only if you need paid-tier features, and revoke or rotate it if you stop using the skill.
FarmDash can see which wallet address you ask about and when you query it, which may reveal portfolio-interest patterns even though the address is public on-chain.
The skill clearly discloses that each call sends the wallet address to FarmDash MCP, with an optional authorization header. This is expected for portfolio aggregation but creates a provider-side data flow.
Public wallet address (`0x…`) | Yes, every call ... Bearer token, if provided | Yes, Authorization header
Only query wallet addresses you are comfortable sharing with FarmDash, and review FarmDash privacy/retention terms or self-host if that matters to you.
If enabled, the service may keep watching wallet state and send alerts or portfolio information after the initial request.
The artifact mentions an ongoing monitoring and webhook capability. It is aligned with portfolio alerts, but persistent monitoring and webhooks should have explicit user control.
Syndicate | $199/mo | 50k req / day | Adds proactive monitoring (`watch_wagon`) and webhook delivery
Enable monitoring/webhooks only deliberately, confirm where notifications are sent, and verify how to pause or delete the watch.