ClawHub
Back to skill
v0.1.0

Uniswap Full Lp Workflow

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:34 AM.

Analysis

This skill is purpose-aligned for Uniswap LP management, but it deserves careful review because it can direct wallet-balance access, swaps, and liquidity-position entry through multiple agents.

GuidanceInstall only if you are comfortable with an agent-assisted DeFi workflow. Use a limited wallet, specify exact limits, review every scan and strategy result, and approve swaps or LP entries only after checking the transaction details yourself.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityHighConfidenceHighStatusConcern
SKILL.md
allowed-tools: ... Task(subagent_type:trade-executor) ... Task(subagent_type:liquidity-manager) ... executes any needed swaps, enters the position

The skill explicitly delegates swap execution and liquidity-position entry to subagents. That matches the LP-management purpose, but it is broad, high-impact financial tool use.

User impactIf approved without careful review, the workflow could move funds into a swap or LP position the user did not fully understand.
RecommendationBefore using it, require transaction previews and set hard limits for capital amount, chain, pool, token exclusions, slippage, deadline, approvals, and whether the agent may proceed after each confirmation.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceMediumStatusNote
metadata
Source: unknown; Homepage: none

The supplied registry metadata does not establish provenance for a high-impact financial skill. No malicious install behavior is shown, but the source should be verified.

User impactA user may not have enough registry-level provenance information to know who maintains the workflow instructions.
RecommendationConfirm the publisher and repository before installing, especially because the skill is intended to manage real funds.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityHighConfidenceHighStatusConcern
SKILL.md
- mcp__uniswap__get_agent_balance ... capitalToken ... auto-detect from wallet

The skill can access wallet/account balance context and infer what assets the user holds. The registry metadata declares no primary credential or required env vars, so the wallet permission boundary is under-disclosed for a financial workflow.

User impactThe agent may need access to sensitive wallet/account information and transaction authority even though the metadata does not clearly advertise those requirements.
RecommendationUse a dedicated wallet with limited funds, verify what Uniswap/MCP account is connected, and do not grant broad token approvals or signing authority beyond the intended transaction.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
6-agent pipeline ... Each agent builds on all prior agents' findings.

The workflow intentionally passes opportunity, risk, strategy, and portfolio context among multiple subagents. This is purpose-aligned, but users should know sensitive financial context may be shared across the agent chain.

User impactA mistake or sensitive detail in one agent's output can influence later agents in the financial workflow.
RecommendationReview the intermediate scan, strategy, and risk-assessment outputs before allowing trade execution or liquidity entry.