Uniswap Assess Risk
v0.1.0
Get an independent risk assessment for any proposed Uniswap operation — swap, LP position, bridge, or token interaction. Evaluates slippage, impermanent loss, liquidity, smart contract, and bridge risks with a clear APPROVE or VETO decision. Use when the user asks if something is safe or wants a risk evaluation.
by @wpank
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description match the instructions: the skill parses a proposed Uniswap operation and produces per-dimension risk scoring and an APPROVE/VETO decision. It delegates the actual evaluation to a 'risk-assessor' Task, which is consistent with being an instruction-only skill that doesn't ship code or request credentials. However, the SKILL.md does not document the data sources (public RPCs, The Graph, Etherscan, token lists, audit databases) or what external services the subagent will query, which is an important capability gap.
Instruction Scope
The instructions delegate all analysis to Task(subagent_type:risk-assessor) without constraints or a clear list of trusted data sources. 'On-chain data' and checks like 'hook audit status' or 'verified token lists' require external queries; the SKILL.md does not specify which endpoints, whether queries are to third-party APIs, or whether private keys, wallets, or local files will be accessed. The 'terminal node' and 'non-overridable HARD VETO' language is ambiguous — it describes agent behavior but doesn't technically prevent other agents or system policies from influencing outcomes. This vagueness grants broad runtime discretion to the subagent.
Install Mechanism
Instruction-only skill with no install spec and no code files. No on-disk install activity is required, which minimizes direct install-time risk.
Credentials
The skill declares no required environment variables or credentials, which aligns with the manifest. That said, the analysis it promises (RPC queries, token list lookups, audit checks, bridge liquidity checks) typically requires access to external APIs or RPC endpoints; the SKILL.md does not say whether those use public endpoints or require API keys (which are not declared). The absence of declared credentials is possibly legitimate, but it also leaves unclear whether the agent will prompt for, require, or attempt to access secrets at runtime.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not request writing to system config or other skills' settings in the spec, which is appropriate for a risk-checking skill.
What to consider before installing
This skill appears to do what it says on the surface, but the runtime behavior is underspecified. Before installing or using it for high-value decisions, ask the maintainer these questions:
(1) Which on-chain data sources and third-party APIs does the risk-assessor use (public RPCs, The Graph, Etherscan, token lists, audit DBs)? Provide explicit endpoints and privacy policies.
(2) Does the subagent require API keys, RPC endpoints, or other secrets at runtime? If so, which ones and where must they be configured?
(3) What exactly enforces a 'HARD VETO' — is that purely advisory text, or will the agent block actions or interact with your wallet/execution pipeline?
(4) Can you see example assessments and logs showing the queries made (so you can verify no private data is exfiltrated)?
If the answers are vague or require the agent to call arbitrary external URLs, avoid using it for real fund transfers or large positions until you have a clear trust model and can inspect what the subagent actually queries.
Like a lobster shell, security has layers — review code before you run it.
