Uniswap Swap Simulation
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: uniswap-swap-simulation Version: 0.1.0 The skill bundle is designed for simulating Uniswap swaps, analyzing price impact, slippage, routing, and gas estimation. The `SKILL.md` provides technical instructions and `viem` code snippets for read-only blockchain interactions (e.g., `readContract` on a QuoterV2 contract). There is no evidence of malicious intent, such as data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts against the agent. All content aligns with the stated purpose and uses standard, non-harmful operations.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user installs from the remote command, they are trusting the current contents of that remote source.
The README documents installing from a remote GitHub path via npx. This is a normal install pattern, but the path references a branch rather than a fixed commit, so users should verify the source they install.
npx skills add https://github.com/wpank/Agentic-Uniswap/tree/main/.ai/skills/uniswap-swap-simulation
Prefer the published registry version or verify/pin the GitHub source before installing.
For sensitive or large planned trades, quote requests could reveal trading intent to the RPC provider used for simulation.
The simulation examples use a blockchain client/RPC call with swap parameters. This is read-only and purpose-aligned, but an RPC provider may see the queried tokens and amounts.
import { createPublicClient, http, encodeFunctionData } from "viem"; ... const quote = await client.readContract({ ... args: [{ tokenIn, tokenOut, amountIn, fee, ... }] });Use a trusted or private RPC provider for sensitive simulations, as the skill itself also recommends for large swaps.