ClawHub

Uniswap Analyze Pool

v0.1.0

Analyze a specific Uniswap pool's performance, liquidity depth, fee APY, and risk factors. Use when the user asks about pool metrics, TVL, volume, or whether a pool is good for LPing.

0· 721·0 current·0 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, parameters, and workflow all align: the skill only extracts pool parameters and delegates to Task(subagent_type:pool-researcher) to fetch on-chain metrics. There are no unrelated env vars, binaries, or install steps declared.
Instruction Scope
SKILL.md confines the agent to parameter extraction, delegation to the pool-researcher subagent, and formatting results. It does not instruct reading local files or arbitrary env vars. Note: because it delegates all work, security depends on what the pool-researcher agent does (not visible here).
Install Mechanism
No install spec is included (instruction-only), which is low-risk. The README contains example npx install commands pointing at a GitHub path or 'clawhub' — those are user-facing instructions, not an enforced install spec here, but if a user follows them they would fetch/run remote code. Users should vet the remote repo before executing such install commands.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate for a read-only analysis skill that delegates data gathering to a subagent.
Persistence & Privilege
always is false and there is no install-time or runtime behavior described that would alter other skills or system-wide settings. The skill does not request persistent privileges.
Assessment
This skill appears internally consistent and low-risk because it only formats parameters and delegates to a subagent, and it requests no credentials. Before installing or using it, verify (1) the identity and code of the pool-researcher subagent — confirm it doesn't ask for private RPC keys, wallet private keys, or read local files; (2) any README install commands that fetch code from GitHub/clawhub — review that repository before running npx; and (3) whether the subagent will send data to third-party endpoints. If you need stronger guarantees, ask for the pool-researcher's implementation or run analyses in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fh3p88jpse89hgnxn4wcy9d80w6m1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments