Skill v1.0.1
ClawScan security
Ponzu Launchpad · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 7:30 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are coherent with a blockchain launchpad: it legitimately needs a private key, network, and RPC URL to deploy and interact with contracts, but it instructs the user to install third-party npm packages and requires careful handling of the private key.
- Guidance: This skill appears to do what it says (deploy and interact with a Ponzu launchpad), but take precautions before using it:
  1. Never expose your main private key; create and fund a dedicated ephemeral wallet for deployments and testing.
  2. Test thoroughly on a testnet (Sepolia) first.
  3. Inspect the @ponzu_app/sdk package source (and its viem usage) on the npm registry / GitHub before running npm install; npm packages can run arbitrary code at install time.
  4. Prefer a trusted RPC endpoint (or your own node); public RPC providers may see transaction payloads.
  5. If you want to avoid exposing a raw private key to the environment, consider signing transactions offline or with a hardware wallet / dedicated signing service.
  For extra assurance, request the package's source repository, audit reports, and the on-chain contract addresses referenced by the skill before proceeding.
Review Dimensions
- Purpose & Capability
- ok: The skill is a token launchpad and declares PONZU_PRIVATE_KEY, PONZU_NETWORK, and PONZU_RPC_URL, credentials and config that are expected and necessary to sign and broadcast Ethereum transactions.
- Instruction Scope
- note: SKILL.md contains code examples that sign transactions with process.env.PONZU_PRIVATE_KEY and broadcast to the configured RPC. This stays within the stated purpose, but the instructions also advise installing @ponzu_app/sdk from npm (external code), which could introduce behavior beyond what the prose states (e.g., telemetry or additional network requests). The manifest does not include an automated install spec; installation is manual/implicit in the instructions.
- Install Mechanism
- note: No install spec is included in the registry (lowest automated risk), but the README explicitly tells users to run npm install @ponzu_app/sdk viem. Pulling an npm package is a moderate-risk action because it executes third-party code; verify the package source and contents before running.
- Credentials
- ok: Only three env vars are required (private key, network, RPC URL). These are proportionate to deploying and interacting with Ethereum contracts. PONZU_PRIVATE_KEY is highly sensitive; the skill documents recommended mitigations (dedicated wallet, testnet).
- Persistence & Privilege
- ok: The always flag is false; the skill does not request system-wide config paths or cross-skill modifications and contains no install scripts in the registry. It does not ask to remain permanently enabled.
