Setup Local Anvil Testnet
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: setup-local-testnet
Version: 0.1.0
The skill is classified as suspicious primarily due to a prompt injection risk and the exposure of sensitive information. The SKILL.md file instructs the AI agent to output a `curl -L https://foundry.paradigm.xyz | bash && foundryup` command to the user if a prerequisite (Anvil) is not found. While intended for the user, this `curl | bash` pattern is inherently risky, and a poorly constrained AI agent could potentially misinterpret this as an instruction to execute the command itself, leading to arbitrary code execution. Additionally, the skill outputs default Anvil private keys in SKILL.md, which, despite being labeled as test keys, is a sensitive information disclosure.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing from a moving remote source could install changed content later if the upstream branch changes.
The documented install path fetches from a remote GitHub branch rather than a pinned immutable commit. This is common for skill installation but means the user is trusting that remote source at install time.
npx skills add https://github.com/wpank/Agentic-Uniswap/tree/main/.ai/skills/setup-local-testnet
Install only from sources you trust, and prefer a pinned release or commit when reproducibility matters.
Running the setup command gives the remote installer control over the local shell environment.
The skill suggests a user-directed remote shell installer for Foundry/Anvil if Anvil is missing. This is purpose-aligned, but it executes code downloaded from the network.
Install: curl -L https://foundry.paradigm.xyz | bash && foundryup
Review Foundry’s official installation guidance and run the installer only if you trust the source.
Invoking the skill can start or change a local development blockchain and funded test accounts.
The skill grants the agent access to MCP tools that can create and fund a local testnet. This is central to the stated purpose, but it is still local environment mutation.
allowed-tools:
  - mcp__uniswap__setup_local_testnet
  - mcp__uniswap__fund_test_account
Use it when you intentionally want a local Uniswap test environment, and specify chain, block, account count, and port when those details matter.
Anyone with those keys can control the local test accounts, and those keys should never be used for real funds.
The skill’s expected output includes private keys for local development accounts. These are standard disposable test keys, but they still authorize the corresponding accounts.
Private Keys (for wallet config):
  Account #1: 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
Treat the displayed keys as public, disposable development keys and do not reuse them on public networks or with real assets.
