Uniswap Cross Chain Swap
v0.1.0Execute a cross-chain token swap via Uniswap's bridge infrastructure. Handles quoting, safety validation, bridge monitoring, and destination confirmation. Use when the user wants to swap tokens across different chains.
⭐ 0· 726·3 current·3 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name, description, and declared allowed tools (mcp__uniswap__getSupportedChains, mcp__uniswap__getTokenInfo, and delegation to a cross-chain executor subagent) align with a cross‑chain swapping purpose. However, the skill claims to 'execute' swaps but does not describe where signing credentials, wallet connections, or RPC endpoints come from — a necessary capability for on‑chain execution. This could be legitimate if the delegated cross-chain-executor subagent handles signing, but that relationship is not documented here.
Instruction Scope
SKILL.md stays narrowly scoped: it validates chains/tokens, extracts parameters, and delegates the 7‑step workflow to Task(subagent_type:cross-chain-executor). It does not instruct the agent to read files, environment variables, or unrelated system state. Concern: there are no instructions about acquiring user wallet consent, connecting a signer, or handling private keys — yet the skill promises to perform transactions and bridge monitoring.
Install Mechanism
There is no install spec in the registry (instruction-only), which is lower risk. However, README contains example install commands that would pull code from a GitHub path or via 'clawhub' using npx. That suggests external code may be available and installable even though no install spec is declared — a discrepancy worth reviewing before running those install commands.
Credentials
The skill declares no required environment variables or credentials, yet it intends to execute on‑chain operations (send transactions, monitor bridges). Executing swaps requires signing credentials (private key, wallet connection, or external signer) and possibly RPC node endpoints; the lack of any declared mechanism for signing or credential use is a proportionality/omission concern. It's unclear whether the delegated subagent will prompt for secrets, use platform-managed keys, or require the user to paste private keys — each has different security implications.
Persistence & Privilege
always is false, there are no requested config paths, and the skill is user-invocable with normal autonomous invocation allowed. Nothing here indicates elevated or persistent privileges beyond the platform defaults.
What to consider before installing
This skill claims to execute cross‑chain swaps but does not explain how transactions will be signed or where code runs. Before installing or using it: (1) Ask the author how signing is performed — is it via a browser wallet popup, an external signer, or must you supply private keys/keys as environment variables? Never paste private keys into a skill. (2) If you plan to install code referenced in the README, review that GitHub repository thoroughly — installing code from unknown repositories can execute arbitrary code. (3) Verify the implementation of the delegated 'cross-chain-executor' subagent (it likely performs the actual on‑chain work) and ensure it does not request unnecessary credentials or persist them. (4) Prefer solutions that use non‑custodial, user-driven signing (wallet popup or hardware wallet) and explicit, documented RPC/provider configuration. If the author cannot clarify where signing happens or demands private keys without a secure, documented flow, do not proceed.Like a lobster shell, security has layers — review code before you run it.
latestvk97ehemhtqfam988tepry06h1n80xw2x
License
MIT-0
Free to use, modify, and redistribute. No attribution required.