Uniswap Research And Trade

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

The skill is clearly meant for Uniswap research and trading, but it can autonomously execute crypto trades without clear final user confirmation, wallet boundaries, or reviewable trade-executor details.

Use only with a wallet and funds you are comfortable risking. Before enabling it, verify the trade-executor subagent, require a final human approval for every transaction, set strict amount and slippage limits, and avoid broad token approvals or unattended trading.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could place a crypto trade based on its own research and risk judgment, which may be irreversible and financially harmful if the assessment is wrong.

Why it was flagged

The skill is designed to move from analysis to financial execution automatically after an internal approval decision.

Skill content

research a token, find the best pool, assess risk, and -- only if the risk assessment approves -- execute the trade

Recommendation

Require explicit final user confirmation before any trade, showing token, chain, wallet, amount, route/pool, slippage, gas, and worst-case outcome.

Concern, Medium Confidence

ASI03: Identity and Privilege Abuse

What this means

A user may not understand which wallet or delegated account authority the trade-executor will use, or what permissions and approvals are in scope.

Why it was flagged

The metadata does not declare or bound wallet, signer, account, or spending authority, even though the skill’s stated purpose includes executing Uniswap trades.

Skill content

Required env vars: none; Env var declarations: none; Primary credential: none; Required config paths: none

Recommendation

Document the exact wallet/signing flow, network scope, token approval behavior, spending limits, and require per-transaction signing or confirmation.

What this means

The most sensitive part of the workflow depends on external or preconfigured agent behavior that the user cannot verify from this package alone.

Why it was flagged

The high-impact trade execution step is delegated to a named subagent, but the provided artifact set contains only README.md and SKILL.md, so the executor’s behavior and safeguards are not reviewable here.

Skill content

allowed-tools: ... Task(subagent_type:trade-executor)

Recommendation

Publish or link the referenced subagent definitions and their allowed tools, especially trade-executor, before enabling autonomous trades.

What this means

Token choices, trade amounts, and intermediate research may be visible to multiple subagents and could influence downstream execution decisions.

Why it was flagged

The workflow intentionally shares trade context across multiple subagents; this is purpose-aligned, but it exposes financial intent and depends on each subagent treating prior context safely.

Skill content

Each agent receives the accumulated findings from all prior agents ... and the exact trade size

Recommendation

Keep shared context minimal, treat external token/pool data as untrusted, and identify which subagents receive wallet or transaction details.