ClawHub

Uniswap Submit Limit Order

Security checks across malware telemetry and agentic risk

Overview

This skill appears to support a legitimate UniswapX limit-order workflow, but it can submit real crypto trades without requiring a clear final confirmation or fully explaining wallet authority and monitoring scope.

Review this skill carefully before installing. Only use it with a Uniswap MCP, wallet connection, and trade-executor setup you trust, and require the agent to show the exact wallet, chain, token pair, amount, limit or minimum received, expiry, and cancellation/fill implications before you give explicit approval to submit any order.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to submit a live UniswapX order but does not explicitly warn that this is a real trading action that can affect the user's assets and create binding order intent. In a financial trading context, omission of an explicit execution-risk and fund-impact warning increases the chance of unintended orders being placed from ambiguous or insufficiently confirmed user requests.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The monitoring section says the system may poll order status and 'will report when filled or expired' without defining whether monitoring is continuous, how long it lasts, or whether the user has consented to background tracking. In a trading workflow, this can create misleading expectations about agent persistence and may trigger unintended repeated polling or quasi-autonomous behavior beyond the user's understanding.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal