Skillv1.0.0

ClawScan security

Orderly Sdk React Hooks · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 7, 2026, 9:29 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This skill is an instruction-only reference for the Orderly React SDK hooks and its requirements and instructions align with that purpose.
Guidance: This skill is just documentation/examples for using the @orderly.network React hooks and appears internally consistent. Before you install the referenced npm packages in a project, verify the package identity and source on the npm registry or GitHub, review the package's dependencies and changelog, and run your usual supply-chain checks (pin a version, use a lockfile, run npm/yarn audit). Do not paste private keys or secrets into example code or into a public project. If you plan to run third-party packages in a production environment, consider reviewing the package source or using a vetted fork.

Purpose & Capability: okThe skill is a documentation/reference for @orderly.network React hooks. It requests no binaries, env vars, or configs and the SKILL.md content is consistent with that purpose.
Instruction Scope: okSKILL.md contains code examples, API signatures, and setup guidance for using the hooks in a React app. It does not instruct the agent to run shell commands, read unrelated files, access environment variables, or transmit data to external endpoints.
Install Mechanism: okThere is no install spec (instruction-only). The doc mentions normal npm/yarn install commands for the third-party package, which is expected for a library reference and does not itself install anything on the agent.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The documentation does not request sensitive values or unrelated credentials.
Persistence & Privilege: okalways is false and the skill does not request persistent/system-wide privileges or attempt to modify other skills or agent configuration.