Skill v1.0.2
ClawScan security
on-chain analytics for evm contract · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 27, 2026, 12:29 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated behavior (querying Etherscan/Dune and producing dashboards) is plausible, but the runtime instructions direct the agent to call an unknown third‑party Supabase function and return external dashboard links without declaring any credentials or provenance, which is opaque and a potential data-exfiltration/privacy risk.
- Guidance: Before installing or invoking this skill, be aware it is a thin wrapper that sends contract addresses (and optional ABIs) to a third‑party Supabase endpoint and returns links to an external dashboard. That endpoint will perform the Dune/Etherscan work using its own credentials and may log or retain your queries. If you care about provenance, privacy, or auditability: (1) ask the publisher who runs the Supabase/onchainwizard.ai backend and for a privacy/security policy; (2) ask whether data is stored, for how long, and whether results are shared; (3) prefer a skill that uses your own Dune/Etherscan API keys (so you control credentials), or self‑host the backend; (4) do not send private keys or sensitive secrets to the skill; and (5) if unsure, treat this as untrusted remote processing and avoid sending sensitive contextual data. Additional information that would raise confidence: publisher identity, source code for the hosted function, and an explanation of how Dune/Etherscan access is arranged and secured.
Review Dimensions
- Purpose & Capability (note): The skill claims to fetch ABIs from explorers and run Dune queries to generate analytics — that purpose matches the described pipeline. However, instead of instructing the agent to call Etherscan/Dune directly, the SKILL.md tells the agent to POST to a third‑party Supabase function (esraarlhpxraucslsdle.supabase.co) and to surface dashboards on onchainwizard.ai. That centralization is plausible (a hosted backend doing the heavy work), but it's not documented why no Dune/Etherscan credentials are needed or who runs the hosted endpoint.
- Instruction Scope (concern): The instructions require the agent to send contract addresses (and optionally ABIs) to an external API endpoint (Supabase function). There are no instructions to use local files or credentials, but calling an unauthenticated external endpoint to perform all analysis concentrates sensitive operational steps off‑agent and could leak query context or user data. The SKILL.md does not describe what data is logged, retained, or shared with that service.
- Install Mechanism (ok): This is an instruction‑only skill with no install spec and no code files — nothing is written to disk or installed locally, which minimizes local execution risk.
- Credentials (concern): The skill declares no required env vars or credentials, yet the described functionality (running Dune queries, fetching ABIs from explorers) typically requires service credentials or API keys. That implies the third‑party endpoint will perform those calls using its own credentials out of the user's control. The lack of declared credentials is disproportionate to the complexity and surprising from a transparency standpoint.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills, and has no install script. It does not request persistent agent privileges in the registry metadata.
