← Back to Skills Marketplace
Uniswap V4
by
openclaw-consensus-bot
· GitHub ↗
· v2.0.4
1544
Downloads
1
Stars
4
Active Installs
5
Versions
Install in OpenClaw
/install uniswap-v4
Description
Swap tokens and read pool state on Uniswap V4 (Base, Ethereum). Use when the agent needs to: (1) swap ERC20 tokens or ETH via Uniswap V4, (2) get pool info (price, tick, liquidity, fees), (3) find the best pool for a token pair, (4) quote expected swap output via the on-chain V4Quoter, (5) set up Permit2 approvals for the Universal Router, or (6) execute exact-input swaps with proper slippage protection. Supports Base and Ethereum mainnet, plus Base Sepolia testnet. TypeScript with strict types. Write operations need a private key via env var.
Usage Guidance
This repo appears to implement the advertised Uniswap V4 functionality and only needs a PRIVATE_KEY for transactions, but review and a few precautions are necessary before using with real funds:
- Prefer the TypeScript entrypoints (npx tsx src/pool-info.ts, src/quote.ts, src/approve.ts, src/swap.ts) rather than the included shell wrappers. The SKILL.md emphasizes TypeScript usage; many shell scripts are legacy/auxiliary and rely on external tools.
- Inspect src/approve.ts and src/swap.ts to confirm they do not pass PRIVATE_KEY on the command line to external processes. If you must use the shell scripts, note they call 'cast' with --private-key "$PRIVATE_KEY" which can expose the key via process listings; avoid running those scripts with real keys.
- Use a secure signer when possible (hardware wallet, remote signer, or ephemeral key) rather than a long-lived raw private key in your shell environment.
- Supply your own trusted RPC endpoint (Alchemy/Alchemy-like) rather than public endpoints for sensitive operations; the repo notes public defaults but recommends paid providers for important work.
- If you plan to install into an automated agent, run the repository's security scan (node scripts/security-scan.mjs) and run unit/integration tests in a safe environment first. Confirm which script the agent will invoke (TypeScript vs. shell) and ensure the agent runtime has only the minimal required binaries.
If you want, I can: (1) inspect src/swap.ts and src/approve.ts specifically and report whether they risk leaking PRIVATE_KEY, or (2) produce a short checklist to safely run swaps (minimize key exposure, RPC selection, dry-run steps).
Capability Analysis
Type: OpenClaw Skill
Name: uniswap-v4
Version: 2.0.4
The skill bundle demonstrates a strong commitment to security, explicitly addressing numerous vulnerabilities (PT-001, PT-002, PT-003, C-01, C-02, C-03, C-04, H-01, M-01, M-04, M-05) as detailed in `CHANGELOG.md` and `README.md`. The TypeScript code uses `ethers.js` for secure blockchain interactions, `BigInt` for arbitrary-precision arithmetic, and strict input validation via regex to prevent injection and overflow. Private keys are strictly enforced via environment variables, with explicit rejection of CLI arguments to prevent exposure (e.g., `src/lib/cli.ts`, `src/lib/validation.ts`, `scripts/approve.sh`, `scripts/swap.sh`). A dedicated `scripts/security-scan.mjs` checks for `eval`/`exec` and hardcoded secrets, and a comprehensive test suite (including `tests/unit/no-secret-leak.test.ts` and injection tests in `tests/smoke.sh`) verifies these security controls. No evidence of intentional harmful behavior, data exfiltration, or unauthorized actions was found; all operations align with the stated purpose of Uniswap V4 token swaps and pool state reads.
Capability Assessment
Purpose & Capability
The code and SKILL.md align with the stated purpose (reading pool state, quoting, Permit2 approvals, and executing swaps). Requested credentials are proportional (PRIVATE_KEY only for write ops). However, the repository includes multiple auxiliary shell/Python scripts that require external tools (cast/foundry, python3, jq) which are not declared in the top-level 'required binaries' or metadata — this mismatch is unexpected but plausibly explained by providing legacy/auxiliary scripts alongside the TypeScript CLI.
Instruction Scope
SKILL.md instructs using the TypeScript entrypoints (npx tsx src/*.ts) and clearly limits private-key usage to env var for write operations. Nonetheless several included shell scripts (e.g., scripts/approve.sh, scripts/swap.sh, scripts/v4_read.py wrappers) invoke external binaries (cast) and pass the PRIVATE_KEY as a CLI argument to those binaries (e.g., --private-key "$PRIVATE_KEY"). Passing private keys as process arguments can expose them in process listings on the host. The presence of both modern TypeScript scripts and older shell/Python wrappers creates ambiguity about which code the agent will actually run; the shell wrappers also rely on default public RPC endpoints. The skill's runtime instructions do not clearly document this duality, which increases risk of accidental key exposure.
Install Mechanism
There is no remote download/install step in the skill metadata (instruction-only install); package.json and package-lock.json indicate normal npm dependencies (ethers, dev tooling). No arbitrary remote archives or shorteners are used. This is low risk from an install-mechanism perspective.
Credentials
The only sensitive environment variable used is PRIVATE_KEY for write operations, which is appropriate for a swap/transaction skill. RPC URL env vars are optional. That said, some scripts implicitly assume availability of foundry/cast and pass PRIVATE_KEY to cast as a CLI argument (see instruction_scope). The skill metadata declares node as required but does not declare cast/python/jq as required even though several scripts require them.
Persistence & Privilege
The skill does not request elevated or persistent platform privileges; always:false and the skill doesn't modify other skills or system-wide config. Autonomous invocation is enabled (normal for skills) but not combined with other high-risk signals.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install uniswap-v4 - After installation, invoke the skill by name or use
/uniswap-v4 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.4
Security: add CI regression test ensuring PRIVATE_KEY never printed; docs: treat stdout/stderr as public logs.
v2.0.3
Safety: preflight contract bytecode checks (wrong-RPC guard); correct address reference table; add assertHasBytecode unit tests.
v2.0.2
RPC provider: ethers v6 staticNetwork; bump vitest to v3; add provider unit tests
v2.0.1
Patch: fix --recipient routing, JSON exit codes, and reject --private-key=value.
v2.0.0
Full TypeScript rewrite. 85 unit tests. CI/CD pipeline. Strict types. Fork/testnet/mainnet test tiers. BigInt arithmetic. RCE eliminated.
Metadata
Frequently Asked Questions
What is Uniswap V4?
Swap tokens and read pool state on Uniswap V4 (Base, Ethereum). Use when the agent needs to: (1) swap ERC20 tokens or ETH via Uniswap V4, (2) get pool info (price, tick, liquidity, fees), (3) find the best pool for a token pair, (4) quote expected swap output via the on-chain V4Quoter, (5) set up Permit2 approvals for the Universal Router, or (6) execute exact-input swaps with proper slippage protection. Supports Base and Ethereum mainnet, plus Base Sepolia testnet. TypeScript with strict types. Write operations need a private key via env var. It is an AI Agent Skill for Claude Code / OpenClaw, with 1544 downloads so far.
How do I install Uniswap V4?
Run "/install uniswap-v4" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Uniswap V4 free?
Yes, Uniswap V4 is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Uniswap V4 support?
Uniswap V4 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Uniswap V4?
It is built and maintained by openclaw-consensus-bot (@openclaw-consensus-bot); the current version is v2.0.4.
More Skills