v0.1.0

Uniswap Deploy Agent Token

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:33 AM.

Analysis

The skill is coherent for launching a Uniswap token, but it delegates irreversible financial transactions and LP locking to external agents without clear signer, approval, or provenance boundaries.

Guidance: Only install or use this skill if you have reviewed the referenced token-deployer, safety-guardian, and lp-strategist agents, and if the runtime requires explicit wallet confirmation for each transaction. Treat it like a financial deployment tool: verify the token address, chain, pricing, liquidity amounts, hooks, lock duration, approvals, and decoded transaction data before signing anything.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
Create pool: ... execute initialization. ... Bootstrap liquidity: ... add liquidity via position manager. ... Lock LP: Transfer position NFT to time-locked vault

The skill directs an agent to perform irreversible on-chain actions and asset-locking operations, but the artifact does not specify mandatory user confirmation, transaction review, spending limits, slippage bounds, or abort criteria.

User impact: A mistaken or unauthorized execution could create a public pool, move funds into liquidity, or lock LP positions in a way that is costly or impossible to reverse.
Recommendation: Require explicit user approval for every transaction, show decoded transaction details before signing, enforce user-provided spending and slippage limits, and include a dry-run/simulation step before any mainnet action.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
allowed-tools: [Task(subagent_type:token-deployer)] ... The agent internally delegates to `safety-guardian` ... and `lp-strategist`

The critical execution path is delegated to external subagents that are not included in the provided artifacts, while the provided package contains only README.md and SKILL.md.

User impact: Users must trust unreviewed agents to handle token deployment, liquidity strategy, safety validation, and LP locking.
Recommendation: Review and pin the referenced subagents before installation, document their permissions and provenance, and avoid relying on unreviewed agents for financial transactions.

Cascading Failures
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Misconfigured pools, missing anti-snipe hooks, or inadequate liquidity can destroy a launch.

The artifact itself acknowledges that bad configuration can have severe downstream effects, while the workflow proceeds through pool creation, liquidity bootstrapping, and LP locking.

User impact: Incorrect parameters could affect a public market, expose liquidity to bots, misprice the token, or lock assets under bad conditions.
Recommendation: Use testnet or simulation first, require manual review of pricing and liquidity assumptions, and make LP locking opt-in with a clear confirmation of duration and consequences.

Rogue Agents
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
Monitor: Track price, volume, TVL, and anomalies during the critical first hours.

Post-deployment monitoring is purpose-aligned, but it implies continued autonomous activity after deployment and the artifacts do not define exact stop conditions or permissions during monitoring.

User impact: The agent may continue observing or acting around the token launch for some period after the initial deployment.
Recommendation: Specify whether monitoring is read-only, how long it runs, what alerts or actions it can take, and how the user can stop it.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
Deploys an agent token with a Uniswap V4 pool ... initial liquidity bootstrapping, LP token locking

These actions require wallet/signer authority and control over tokens or funds, but the registry metadata declares no primary credential, required environment variables, or scoped account authority.

User impact: The user may not know what wallet permissions, signer access, token approvals, or custody assumptions are required before the agent acts on real assets.
Recommendation: Clearly declare the required wallet/signer model, require user-controlled signing, avoid custody of private keys, and scope approvals to exact token amounts and target contracts.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Delegate to `token-deployer` agent ... The agent internally delegates to `safety-guardian` ... and `lp-strategist`

The skill passes deployment parameters and financial decision-making across multiple agents, but the artifacts do not define the identity, permission boundaries, or data/control limits between those agents.

User impact: Token launch parameters, transaction decisions, and potentially wallet-related actions could be handled across agents without clear boundaries.
Recommendation: Define which agent can propose versus execute transactions, what data each subagent receives, and which actions require direct user approval.