Uniswap Swap Simulation
PassAudited by ClawScan on May 1, 2026.
Overview
This is a transparent, instruction-only Uniswap simulation guide with no code, credentials, or swap-execution authority; users should mainly notice the external RPC quote examples and remote install commands.
This skill appears safe for simulation guidance and does not include code that executes trades or handles keys. Before installing, use a trusted source or pinned version, and when applying the examples for large or sensitive trades, use a trusted/private RPC and independently verify calculations before acting.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user installs from the remote command, they are trusting the current contents of that remote source.
The README documents installing from a remote GitHub path via npx. This is a normal install pattern, but the path references a branch rather than a fixed commit, so users should verify the source they install.
npx skills add https://github.com/wpank/Agentic-Uniswap/tree/main/.ai/skills/uniswap-swap-simulation
Prefer the published registry version or verify/pin the GitHub source before installing.
For sensitive or large planned trades, quote requests could reveal trading intent to the RPC provider used for simulation.
The simulation examples use a blockchain client/RPC call with swap parameters. This is read-only and purpose-aligned, but an RPC provider may see the queried tokens and amounts.
import { createPublicClient, http, encodeFunctionData } from "viem"; ... const quote = await client.readContract({ ... args: [{ tokenIn, tokenOut, amountIn, fee, ... }] });Use a trusted or private RPC provider for sensitive simulations, as the skill itself also recommends for large swaps.