Skill v0.1.6

ClawScan security

Teller MCP – Borrow USDC & Altcoins · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 16, 2026, 1:51 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and runtime requirements are coherent with its stated purpose (running an MCP server that proxies Teller delta‑neutral and lending APIs); it requests no credentials and the runtime actions described align with the skill description.
Guidance
This package appears to be what it says: a small MCP server that queries Teller's public delta-neutral API and returns prepared JSON and encoded transactions. Before installing, consider: run npm install/build in an isolated environment (container or VM) and audit dependencies (npm audit, review package-lock.json). Do not point the tool at private keys or expose the server to untrusted clients; when invoking tools that accept wallet addresses or produce encoded transactions, avoid supplying private keys—this server only builds transaction calldata and does not sign transactions. If you plan to run it in production, verify the upstream API URL and pin dependency versions or use an internal package mirror.

Review Dimensions

Purpose & Capability
ok: Name/description match the included code and SKILL.md: the repo contains an MCP server (src/index.ts), a typed client (src/client.ts) and types for Teller endpoints. The declared purpose (expose Teller APIs via MCP) justifies the included dependencies (MCP SDK, zod) and the npm build/run instructions.
Instruction Scope
ok: SKILL.md limits runtime actions to building and running the server (npm install, build, start), editing TypeScript sources, and registering the stdio transport. It references optional env vars (TELLER_API_BASE_URL, TELLER_API_TIMEOUT_MS) used by the client; it does not instruct reading unrelated files or exfiltrating secrets.
Install Mechanism
ok: There is no automated install spec in the registry entry (instruction-only). The README directs a standard npm install/build/start workflow. package-lock.json is present and lists typical dev optional artifacts (esbuild platform builds). This is expected for a Node project and not disproportionate, but running npm install will fetch packages from the npm registry—standard risk for any Node project.
Credentials
ok: The skill declares no required environment variables or credentials. The code and docs reference two optional env vars to override the Teller API base URL and timeout; those are reasonable and proportional. No secrets (private keys, API tokens) are requested or embedded.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated agent/system privileges. It runs as an MCP stdio server and does not attempt to modify other skills or global agent configuration.