v1.3.0

SUPAH Base Intelligence

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:57 AM.

Analysis

This skill is mostly aligned with Base token intelligence, but its automatic USDC payment flow has inconsistent cost limits and its docs include unsafe auto-trading guidance.

Guidance: Review the payment settings carefully before enabling this skill, especially automatic x402 spending and endpoint prices. Do not let an agent auto-trade from its signals without explicit approval and limits. Verify the official repository/source before installing or updating.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
README.md
### Automated Trading Bot

```javascript
// Get signals and auto-execute
const signals = await supah.getSignals({ minScore: 85 });

for (const signal of signals) {
  if (signal.gates.sec >= 90) {
    await executeTrade(signal.address);
  }
}
```

The documentation encourages automatically executing trades from signal output without showing human confirmation, position limits, or rollback controls. Trading is a high-impact financial action and is broader than the skill's otherwise read-only API implementation.

User impact: An agent or developer following this example could make real trades automatically based on external signals, potentially losing funds.
Recommendation: Use this skill for analysis only unless every trade requires explicit user approval, clear spend limits, and independent validation.
Human-Agent Trust Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
"x402": { "enabled": true, "currency": "USDC", "network": "base", "maxPerCall": "0.08" } ... | Signal feed | $0.15 | ... Your agent's x402-compatible HTTP client pays automatically.

The declared maximum per call is $0.08, but the same artifact advertises a $0.15 signal-feed call and says the agent pays automatically. This makes the actual payment boundary unclear.

User impact: The user may not be able to tell how much an autonomous agent call can actually cost before funds are spent.
Recommendation: Confirm the effective x402 spend cap in the client before use, and the maintainer should make all pricing and max-per-call values consistent.
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Concern.
README.md
git clone https://github.com/supahonbase/supah-openclaw-skill supah-base-intelligence

The manual install source differs from other artifact repository claims, including clawhub.json's repository and package.json's repository, while the registry source is listed as unknown. This creates provenance ambiguity.

User impact: A user trying to install or audit the skill may fetch a different codebase than the one reviewed here.
Recommendation: Install only from a verified source, and the maintainer should align the registry source, README, package metadata, repository URL, and version numbers.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Info. Confidence: High. Status: Note.
index.js
const API_BASE = process.env.SUPAH_API_BASE || 'api.supah.ai'; ... const data = await apiRequest(`/agent/v1/portfolio/${wallet}`);

The skill sends token and wallet identifiers to an external SUPAH API host. This is purpose-aligned, but wallet addresses can reveal portfolio interests or trading research.

User impact: Your queried token and wallet addresses are shared with the configured API provider.
Recommendation: Only analyze wallet addresses you are comfortable sending to the configured SUPAH API endpoint, and verify SUPAH_API_BASE if you override it.