Skill v1.0.2
ClawScan security
Token Vesting · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:41 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests (cast/forge, ETH_RPC_URL, ETH_PRIVATE_KEY) and runtime instructions match its stated purpose of creating and managing Sablier vesting streams; nothing requests unrelated credentials or system access.
- Guidance
- This skill appears internally consistent, but follow best practices before using it: (1) Never paste private keys into chat. Prefer a hardware wallet or an encrypted Foundry keystore for mainnet signing. (2) If you must use an environment variable, keep keys in ephemeral shells and rotate them after use. (3) Verify the target Sablier contract addresses and recipient addresses before sending funds; test on a testnet first. (4) Ensure your ETH_RPC_URL points to a trusted provider (avoid pasting provider API keys into public contexts). Installing this instruction-only skill does not add binaries to your system, but any transaction you sign will move real tokens — proceed cautiously.
Review Dimensions
- Purpose & Capability
- ok: The skill is for creating/managing Sablier vesting streams on EVM chains. Requiring an RPC URL, a signing credential (ETH_PRIVATE_KEY) and EVM tooling (cast/forge) is appropriate and expected.
- Instruction Scope
- note: SKILL.md stays on-topic (deploying/creating/managing streams) and includes clear rules to avoid leaking private keys. It shows examples using environment variables and Foundry keystore/hardware wallets. Note: the examples include exporting ETH_PRIVATE_KEY in a shell (acceptable for short-lived/test use); users should prefer hardware wallets or encrypted keystores for mainnet.
- Install Mechanism
- ok: No install spec (instruction-only), so nothing is downloaded or written by the skill itself, which lowers risk. The skill assumes the platform already has cast/forge available.
- Credentials
- ok: Only ETH_RPC_URL and ETH_PRIVATE_KEY are required (primary credential ETH_PRIVATE_KEY). These are proportionate and necessary for signing and broadcasting transactions. No unrelated secrets or config paths are requested.
- Persistence & Privilege
- ok: The skill is not configured as always-on and has disable-model-invocation=true, reducing autonomous invocation risk. It does not request system-wide config changes or other skills' credentials.
