Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Uniswap Submit Limit Order

v0.1.0

Submit a UniswapX Dutch auction limit order. Use when user wants to set a limit price, get MEV-protected execution, or submit an order that fills at the best available price. No gas cost until filled.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description and the SKILL.md steps (get quote, submit_uniswapx_order, poll status, check safety) are consistent with submitting UniswapX Dutch auction limit orders. However, the skill depends on platform microservices (mcp__uniswap__*) and a Task(subagent_type:trade-executor) to perform execution; that is reasonable for a trading skill but shifts important capabilities (wallet signing, network submission) out of the skill and into the platform connectors/subagent.
! Instruction Scope
The SKILL.md instructs the agent to use a trade-executor subagent and several MCP connectors without describing how authentication, signing, or explicit user confirmation for on-chain execution will be handled. The instructions also reference checking token allowlists and spending limits (which implies reading configs or user policy) but do not detail where those policies live or what data is read. This gives the skill broad runtime discretion which could result in on-chain actions if the platform connectors are authorized.
Install Mechanism
No install spec or code files are included; the skill is instruction-only so nothing gets written to disk by the skill itself. Note: README suggests installing from a GitHub location via npx, which is inconsistent with the registry showing no install spec — that external-install suggestion is a discrepancy to be aware of.
! Credentials
The skill declares no required environment variables or credentials, yet it invokes a trade-executor subagent and MCP connectors that, in practice, will need some form of wallet access or account authorization to submit or finalize orders. The lack of declared credentials or a clear authentication/consent flow is a meaningful mismatch — it's unclear how signing or account access will be obtained and whether user approval will be required for each order.
Persistence & Privilege
always is false and the skill doesn't request persistent system-wide changes. However, the skill is allowed to invoke platform subagents and connectors autonomously (default model invocation enabled). Combined with the other concerns (unexplained execution authority), autonomous invocation could increase risk if platform connectors have broad privileges; on its own this is standard behavior.
What to consider before installing
This skill appears to implement UniswapX limit orders but has unclear trust boundaries. Before installing or enabling it:

1) Confirm how signing and account access are handled — which wallet/account will be used and whether the connector requires long-lived credentials.
2) Ask the platform whether the trade-executor subagent will ask the user for explicit confirmation before submitting any on-chain transaction.
3) Verify the source of any external install (README points to a GitHub npx install) and avoid running external installers you don't trust.
4) Test with minimal amounts and check safety/allowlist configuration (who controls it?).
5) If you need stronger guarantees, request the skill declare required credentials and an explicit consent/auth flow or provide the trade-executor's audited contract/connector details.

If you cannot get clear answers about authentication and consent, treat the skill as higher-risk and prefer manual execution instead of autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f062mfd5k7xc3dy3dmsfv4n80wsv3
