Clicks Protocol
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent DeFi/USDC integration with mostly read-only query tooling, but optional write modes can use a wallet signer or private key to move funds and should be handled carefully.
This skill appears purpose-aligned and the included script is read-oriented, but treat any SDK or MCP write setup as financial infrastructure. Use a dedicated wallet with limited funds, pin and review external packages before running them, verify contract addresses, and require explicit confirmation before any transaction.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured for write access, an agent could register an agent, route USDC, receive payments, withdraw yield, or change yield settings.
The skill documents tools that can perform financial or account-state mutations when used with write-capable setup. This is purpose-aligned for a DeFi treasury skill, but it is high-impact and should not be invoked without clear user approval.
Available tools (10):
- clicks_quick_start
- clicks_receive_payment
- clicks_withdraw_yield
- clicks_register_agent
- clicks_set_yield_pct
Use read-only commands by default, and require explicit human confirmation for any transaction or yield-setting change.
A compromised or over-permitted agent setup could use the configured wallet authority to affect USDC funds or protocol positions.
The optional local MCP write path requires private-key or signer authority. That is expected for blockchain transactions, but it gives the agent sensitive wallet authority if configured.
# Local stdio server, needs private key for write ops
npx @clicks-protocol/mcp-server
Use a dedicated low-balance wallet, avoid sharing broad private keys, verify transaction prompts, and limit signer permissions where possible.
Users relying on the SDK or MCP server must trust package provenance and the current npm package contents, especially if those packages handle wallet signing.
The documentation points users to external npm packages that are not included in the reviewed artifact set and are not pinned to a specific version in the examples.
npm install @clicks-protocol/sdk
...
npx @clicks-protocol/mcp-server
Inspect or pin package versions before use, install from the official source, and avoid running unreviewed packages with high-value wallet credentials.
Query details such as wallet addresses and simulated amounts may be visible to the Clicks MCP service.
The script uses a remote MCP endpoint for queries and sends user-provided wallet addresses and amounts to that service. This is disclosed and purpose-aligned, with no credentials sent by the provided script.
MCP_URL="https://mcp.clicksprotocol.xyz/mcp"
...
response=$(curl -s -X POST "$MCP_URL"
Do not query addresses or amounts you consider private unless you are comfortable sharing them with the Clicks MCP endpoint.
