Back to skill
Skillv0.1.0
ClawScan security
Swap Tokens · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 9, 2026, 6:05 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and instructions are internally consistent: it is an instruction-only wrapper that tells the agent to run fdx CLI commands to check status, view balances, and perform DEX swaps.
- Guidance
- This skill is a thin instruction-only wrapper around your local fdx CLI and appears coherent. Before installing or using it, ensure: (1) you understand and trust the installed fdx CLI and its wallet configuration (the skill will execute on-chain swaps using those credentials), (2) you confirm swap details (amount, slippage, chain) every time—test with a small amount first to avoid unexpected losses, and (3) you do not expose private keys or paste secrets into chat. No environment variables or external installers are requested by this skill.
Review Dimensions
- Purpose & Capability
- okThe name/description (swap tokens via DEX) matches the instructions, which exclusively call fdx CLI commands for wallet status, balance, and swap execution. There are no unrelated dependencies or credentials requested.
- Instruction Scope
- okSKILL.md confines runtime actions to fdx status, fdx call getWalletOverview, and fdx call swapTokens, and explicitly requires human confirmation before executing swaps. It does not instruct reading arbitrary files, environment variables, or sending data to external endpoints beyond the fdx CLI.
- Install Mechanism
- okNo install spec or code is provided (instruction-only), so nothing is downloaded or written to disk by the skill itself.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. It relies on whatever wallet/authentication the local fdx CLI has configured, which is appropriate for an on-chain swap helper.
- Persistence & Privilege
- noteThe skill is not always-enabled and allows model invocation (default). This is normal for user-invocable skills; note that when invoked it will run CLI commands that act with the user's configured wallet credentials (not stored or requested by the skill).