Design Uniswap Hook
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: design-hook Version: 0.1.0 The skill bundle is designed to generate a Uniswap V4 hook architecture design document, not code. The `SKILL.md` explicitly instructs the agent to delegate to a `hook-builder` sub-agent in 'design-only mode' with 'no code generation, no file writes'. While the `allowed-tools` include file system access (`Read`, `Glob`, `Grep`), there are no instructions or patterns indicating an intent to misuse these tools for data exfiltration, malicious execution, or persistence. The instructions are clear, aligned with the stated purpose, and lack any signs of prompt injection attempts or other malicious behaviors.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user's hook-design request may be processed by the configured hook-builder subagent or supported-chain MCP tool, rather than only by the top-level skill.
The skill explicitly hands the request to another configured agent and exposes an MCP tool. This is disclosed and bounded to design-only use, but it is still an agent/tool boundary users should recognize.
allowed-tools: ... Task(subagent_type:hook-builder), mcp__uniswap__get_supported_chains ... Invoke `Task(subagent_type:hook-builder)` with explicit instruction to produce a design document only -- no code generation, no file writes.
Install only if you trust the configured hook-builder subagent and Uniswap MCP integration; avoid including unrelated private project details unless needed for the design review.