ClawHub

Uniswap Bridge Tokens

v0.1.0

Bridge tokens from one chain to another without swapping. Simplified cross-chain transfer where the output token is the same as the input token. Use when the user wants to move tokens between chains.

0· 722·1 current·1 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (bridge same-token across chains) aligns with the declared workflow: resolve token info, check supported chains, and delegate execution to a cross-chain-executor. No unrelated binaries, env vars, or installs are requested by this skill itself.
Instruction Scope
SKILL.md stays on-topic: it extracts parameters, validates via mcp__uniswap__getSupportedChains and mcp__uniswap__getTokenInfo, then delegates to Task(subagent_type:cross-chain-executor). It does not instruct reading local files, environment variables, or contacting external endpoints directly. Note: the skill intentionally delegates execution to another agent — the security posture depends on that executor's behavior and required credentials.
Install Mechanism
No install spec or code files are included (instruction-only), so nothing will be written to disk or downloaded by this skill. This is the lowest-risk install model.
Credentials
The skill itself requires no credentials or env vars, which is consistent with being an instruction-only delegator. However, actual bridging requires transaction signing and access to wallets/keys — those responsibilities are deferred to the cross-chain-executor subagent and are not declared here. Verify that the executor requests only the minimal credentials and that you trust its key management and signing flow.
Persistence & Privilege
The skill does not request always:true and has no install-time persistence. Autonomous invocation is allowed (platform default), which is appropriate for a task-oriented skill that may be invoked by the agent.
Assessment
This skill is coherent and low-risk as an instruction-only wrapper, but it delegates actual transfers to a separate executor agent. Before installing or invoking it: 1) confirm what cross-chain-executor implementation will run (who operates it, where it runs), 2) verify how signing keys/wallet access are provided and stored (do not expose private keys to untrusted code), 3) test with a very small amount first, and 4) ensure you have auditability/logs for the executor's actions. If the executor ever asks for unrelated credentials or access, treat that as a red flag.

Like a lobster shell, security has layers — review code before you run it.

latestvk975y4rk30td2jgkeaz5z57k7x80x6k2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments