ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Uniswap Batch Swap

Execute multiple token swaps in sequence. Use when user wants to rebalance, swap into multiple tokens, or execute a multi-step trading plan. Each swap goes through full safety validation independently.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 647 · 2 current installs · 2 all-time installs
by@wpank
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description (batch token swaps) align with the workflow in SKILL.md, but a trading skill normally requires wallet signing credentials, RPC endpoints, or an explicit integration with an exchange/bridge. This skill declares no credentials or config paths yet instructs launching a Task(subagent_type:trade-executor) to submit trades, which is an unexplained gap.
Instruction Scope
Instructions stay within a swapping/rebalancing scope (parse swaps, pre-flight safety, sequential execution, reporting) and do not ask to read arbitrary files or unrelated env vars. However they delegate critical actions to an external subagent and microservice tools (mcp__uniswap__check_safety_status, mcp__uniswap__get_agent_balance) without describing their trust model, data flow, or how transaction signing is performed.
Install Mechanism
Instruction-only skill with no install steps or downloaded code; this minimizes on-disk risk. The README references installation commands for package managers, but the skill package itself contains only docs and no install script.
!
Credentials
No environment variables, credentials, or config paths are declared despite functionality that normally requires private keys, provider RPCs, or API keys. The allowed-tools indicate the skill will call internal microservices and launch a trade-executor subagent — both of which may need sensitive credentials but those are not declared or scoped here.
Persistence & Privilege
Skill is not always-enabled and does not request persistent presence. Autonomous invocation is allowed by default, and the skill's ability to spawn subagents increases its effective privilege during execution; this is normal for agent skills but should be considered when combined with the missing credential details above.
What to consider before installing
This skill looks like a legitimate batch-swap workflow, but it leaves out where and how transactions are signed and what the trade-executor subagent/microservices are permitted to do. Before installing or using it: 1) Ask the publisher where signing keys and RPC credentials reside and who/what will sign transactions (your wallet, a custodian, or the subagent). 2) Verify the implementation and trust boundaries of Task(subagent_type:trade-executor) and the mcp__uniswap__* microservices (what permissions they have, whether they can exfiltrate keys or deploy other actions). 3) Require least-privilege access: prefer a read-only balance check and manual confirmation for high-value trades or transaction signing performed locally. 4) Test with very small amounts in a controlled environment and ensure audit/logging of every submitted tx. Because of the unexplained credential handling, treat this skill as suspicious until the above is clarified.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.0
Download zip
latestvk975qq08mdj0zszvqc6j3g6f2180w1ae

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Batch Swap

Execute multiple token swaps in sequence with independent safety validation per swap.

Activation

Use this skill when the user says any of:

  • "Swap X for Y and Z"
  • "Rebalance to 50% ETH 50% USDC"
  • "Buy 3 different tokens"
  • "Execute these swaps: ..."

Input Extraction

ParameterRequiredDefaultSource
swapsYesList of {tokenIn, tokenOut, amount}
chainNoethereumDefault chain for all swaps
stopOnFailureNotrueWhether to halt on first failure

Workflow

  1. Parse all swaps from the user's message. Confirm token symbols resolve.

  2. Pre-flight check: Verify total spending within daily limits and sufficient balance for all swaps using check_safety_status and get_agent_balance.

  3. Sequential execution: For each swap:

    • Launch Task(subagent_type:trade-executor) with swap parameters
    • Wait for confirmation before starting next swap
    • Update running balance between swaps
    • If stopOnFailure=true and swap fails, halt remaining swaps

  4. Report summary:

Batch Swap Complete (3/3 succeeded)

  #  Swap              Amount In    Amount Out   Tx
  1  USDC → WETH      1,000 USDC   0.307 WETH   0xABC...
  2  USDC → WBTC      1,000 USDC   0.015 WBTC   0xDEF...
  3  USDC → UNI       1,000 USDC   142.3 UNI    0xGHI...

  Total gas: $1.26

Error Handling

ErrorUser MessageSuggested Action
BATCH_PARTIAL_FAILURE"Swap #N failed. Remaining halted."Review failed swap, re-run remaining
INSUFFICIENT_BALANCE"Insufficient balance for full batch."Reduce amounts
SAFETY_AGGREGATE_LIMIT"Total batch exceeds daily limit."Reduce total batch size

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…