Uniswap Cross Chain Arbitrage
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: cross-chain-arbitrage Version: 0.1.0 The skill bundle describes a cross-chain arbitrage agent that scans for opportunities, assesses risk, and executes trades using specific sub-agents and Uniswap tools. The `SKILL.md` instructions are highly focused on the stated purpose, providing clear workflow, parameters, and error handling. There is no evidence of prompt injection designed to exfiltrate data, execute arbitrary commands, establish persistence, or perform other malicious actions. The `allowed-tools` are specific to the DeFi domain, and installation methods are standard. While financial operations carry inherent risk, the skill itself does not exhibit malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked in execute mode, the agent could attempt cross-chain trades that spend funds, incur gas/bridge fees, or lose money through slippage or failed execution.
The skill is designed to execute financial transactions, defaults to execute mode, and does not show a default spending cap. The visible workflow includes user selection, but the artifacts do not clearly define hard approval, cap, or transaction-signing boundaries.
Task(subagent_type:cross-chain-executor) ... | maxAmount | No | -- | Maximum capital to deploy per opportunity ... | mode | No | execute | "execute" (full pipeline) or "scan"
Use scan-only mode by default, set an explicit maxAmount, and require manual review of every route, cost estimate, and wallet signature before execution.
A user may not clearly understand which wallet, account, or delegated authority the skill will use before it evaluates or attempts trades.
Reading an agent's Uniswap balance and performing cross-chain execution implies access to wallet/account privileges, while the supplied registry metadata declares no primary credential or required credential setup.
- mcp__uniswap__get_agent_balance ... This skill automates ... cross-chain execution via ERC-7683
Declare the exact wallet/account authority required, document whether any signing is manual or delegated, and limit the skill to a clearly selected wallet and spending allowance.
The reviewed package does not provide code for the referenced execution behavior, so users must trust the external source and runtime tools.
The README points to an external GitHub install source, while the reviewed artifact set contains only README.md and SKILL.md. This is normal for an instruction-only skill, but any external subagents or execution components are not reviewable here.
npx skills add https://github.com/wpank/Agentic-Uniswap/tree/main/.ai/skills/cross-chain-arbitrage
Install only from a trusted source and review any referenced subagents, MCP servers, or executor components before allowing trade execution.
Portfolio balances, trade candidates, and risk information may be exposed to configured subagents or provider tools during analysis and execution.
The workflow passes financial and portfolio context among multiple subagents and a Uniswap MCP tool. This is purpose-aligned for arbitrage, but the artifacts do not specify data boundaries between those components.
Task(subagent_type:opportunity-scanner) ... Task(subagent_type:risk-assessor) ... Task(subagent_type:cross-chain-executor) ... Task(subagent_type:portfolio-analyst) ... mcp__uniswap__get_agent_balance
Confirm which subagents and MCP servers receive account data, and avoid using sensitive wallets unless data handling and permissions are understood.