Skill v0.1.0

ClawScan security

Miraix LI.FI Earn Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 12, 2026, 8:40 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requests and runtime instructions are internally consistent with its stated purpose (discover vaults, prepare quotes, and execute deposits via an Agentic Wallet), but you should verify the external endpoints and never grant wallet-signing permissions without explicit confirmation for each transaction.
Guidance
This skill appears to do what it says: call Miraix discovery/quote endpoints and help prepare/execute Composer deposits. Before using it, verify that https://app.miraix.fun is the legitimate service you expect; do not grant the agent wallet-signing permissions without requiring explicit user confirmation for each transaction; inspect any prepared quote (amount, vault address, chain, approval address and allowance) before approving; be aware that executing deposits will move real funds and that you should ensure the wallet has sufficient native gas on the target chain. If you need higher assurance, ask the skill author for a homepage, source repo, or official docs for the endpoints used.

Review Dimensions

Purpose & Capability
ok: Name/description claim to discover USDC vaults, prepare Composer deposits, and execute deposits via an Agentic Wallet; the SKILL.md contains only the discovery and quote API calls and steps to perform approval/deposit, which are appropriate and proportional to that purpose.
Instruction Scope
note: Instructions call Miraix endpoints (https://app.miraix.fun/api/earn/chat and /api/earn/quote) and then expect the agent to prepare and execute on-chain approvals/deposits using an Agentic Wallet. This stays within the claimed workflow but implicitly requires wallet access/signing and on-chain allowance checks; the skill does not provide details for authentication to Miraix APIs or how signing is gated, so the agent's wallet permissions are the main runtime risk.
Install Mechanism
ok: No install spec and no code files; this is an instruction-only skill. This is the lowest installation risk (nothing is written to disk).
Credentials
ok: The skill requests no environment variables or credentials. It does implicitly require access to a wallet/address (walletAddress in the quote payload) and the ability to sign/send transactions, which is proportional to the deposit execution use case but must be explicitly granted and reviewed by the user/agent.
Persistence & Privilege
ok: always:false (normal). agents/openai.yaml sets allow_implicit_invocation: true, which permits implicit invocation but is not equivalent to force-install; this is not unusual for an agent skill. No indications of the skill attempting to persist or modify other skills or system-wide settings.