Trust Assessment
clawdvine received a trust score of 40/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 1 high, 2 medium and 1 low severity. The critical finding is that the skill handles a raw EVM private key supplied through an environment variable; the others are a hardcoded Bearer token, unpinned npm dependency versions and a missing Node lockfile.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph and LLM Behavioral Safety. LLM Behavioral Safety scored lowest at 63/100; it is the layer that surfaced the private-key finding.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
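The findings named above (a hardcoded Bearer token, unpinned version ranges, a missing lockfile, and a script reading a private key from the environment) are all checks a repository can run on itself before a skill is published. The Node.js script below is an added example, not SkillShield's scanner and not clawdvine's code: its rules are simplified approximations of the report's four non-behavioral checks, and the sample repository it scans is constructed in memory (file names and contents are assumed) so it runs offline with no dependencies.

```javascript
// Added example: a repository-local pre-publish audit for an npm-based AI skill.
// This is not SkillShield's scanner or the clawdvine project's code; the rule
// set approximates the report's checks and the sample files below are constructed.

// Bearer values of 16+ token characters. Placeholders such as <token> or
// ${TOKEN} contain characters outside the class, so they are not matched.
const BEARER_RE = /Bearer\s+([A-Za-z0-9\-_.=]{16,})/g;
// process.env reads whose variable name looks like key material.
const ENV_KEY_RE = /process\.env\.([A-Z0-9_]*(?:PRIVATE_KEY|SECRET|MNEMONIC)[A-Z0-9_]*)/g;
// An exact semver pin (optional prerelease/build suffix); ^ and ~ ranges fail this.
const EXACT_VERSION_RE = /^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/;
const LOCKFILES = ["package-lock.json", "npm-shrinkwrap.json", "pnpm-lock.yaml", "yarn.lock"];

// files is a Map of repository path -> file content.
function auditSkill(files) {
  const findings = [];
  for (const [path, content] of files) {
    content.split("\n").forEach((line, idx) => {
      const location = `${path}:${idx + 1}`;
      for (const match of line.matchAll(BEARER_RE)) {
        // Report a short prefix only, so the audit log never holds the full secret.
        findings.push({ severity: "HIGH", rule: "hardcoded-bearer-token", location,
                        detail: `${match[1].slice(0, 4)}...` });
      }
      for (const match of line.matchAll(ENV_KEY_RE)) {
        findings.push({ severity: "CRITICAL", rule: "raw-private-key-from-env", location,
                        detail: match[1] });
      }
    });
  }
  const pkgText = files.get("package.json");
  if (pkgText !== undefined) {
    const pkg = JSON.parse(pkgText);
    for (const section of ["dependencies", "devDependencies"]) {
      for (const [name, range] of Object.entries(pkg[section] ?? {})) {
        if (!EXACT_VERSION_RE.test(range)) {
          findings.push({ severity: "MEDIUM", rule: "unpinned-dependency", location: "package.json",
                          detail: `${name}@${range}` });
        }
      }
    }
    if (!LOCKFILES.some((name) => files.has(name))) {
      findings.push({ severity: "LOW", rule: "lockfile-missing", location: "package.json" });
    }
  }
  return findings;
}

// Count findings per severity, in the order the report uses.
function summarize(findings) {
  const counts = { CRITICAL: 0, HIGH: 0, MEDIUM: 0, LOW: 0 };
  for (const f of findings) counts[f.severity] += 1;
  return counts;
}

// Constructed sample repository: a SKILL.md with a token in a curl example (and a
// harmless placeholder), a script that derives an account from EVM_PRIVATE_KEY,
// a package.json with caret and tilde ranges, and no lockfile.
const sampleRepo = new Map([
  ["package.json", JSON.stringify({
    name: "example-skill",
    dependencies: { "@x402/evm": "^2.2.0", viem: "2.21.0", siwe: "~2.3.0" },
  })],
  ["SKILL.md", [
    "# Example skill",
    "curl -H 'Authorization: Bearer tok_0123456789abcdef0123' https://api.example.invalid/v1/me",
    "curl -H 'Authorization: Bearer <your-token>' https://api.example.invalid/v1/me",
  ].join("\n")],
  ["scripts/sign-siwe.mjs", [
    "import { privateKeyToAccount } from 'viem/accounts';",
    "const account = privateKeyToAccount(process.env.EVM_PRIVATE_KEY);",
  ].join("\n")],
]);

const sampleFindings = auditSkill(sampleRepo);
console.log(JSON.stringify(summarize(sampleFindings)));
console.log(JSON.stringify(sampleFindings, null, 2));
```

`auditSkill` returns the finding list and `summarize` the per-severity counts, so a CI step can fail the build on any CRITICAL or HIGH result. Secret matches are reported by location and a four-character prefix only; an audit log that reproduces the credential would just be a second copy to leak.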
Security Findings (5)
| Severity | Finding and recommendation | Layer | Location |
|---|---|---|---|
| CRITICAL | Direct handling of an EVM private key from an environment variable. SKILL.md instructs the user to supply `EVM_PRIVATE_KEY` as an environment variable (`EVM_PRIVATE_KEY=0x...`), and the bundled scripts `scripts/sign-siwe.mjs`, `scripts/check-balance.mjs` and `scripts/x402-generate.mjs` read it directly to derive an account, sign SIWE messages and sign x402 payments. The skill therefore has full programmatic control of the associated wallet, including the ability to sign arbitrary transactions, so a bug in the skill or a compromised dependency can drain funds or exfiltrate the key itself. Avoid handling the raw key: integrate with an external wallet provider (MetaMask, WalletConnect) that keeps the key and exposes only signing. If direct key access is unavoidable, use an HSM or encrypted storage, restrict what the scripts may sign, and require explicit user confirmation for each signature. Document the risk of exposing the key to users. | LLM | SKILL.md, scripts/sign-siwe.mjs, scripts/check-balance.mjs, scripts/x402-generate.mjs:100 |
| HIGH | Hardcoded Bearer token detected. A literal Bearer token appears at line 47 of SKILL.md. Secrets belong in environment variables or a secret manager; replace the literal with an environment variable reference. Because the match is in a documentation file, first confirm whether it is a live credential or a placeholder; if it was ever live, rotate it, since removing it from the file does not revoke it. | Static | skills/c0rv0s/clawdvine/SKILL.md:47 |
| MEDIUM | Unpinned npm dependency version. `@x402/evm` is declared as the range `^2.2.0` rather than an exact version. Pin to an exact version to reduce drift and supply-chain risk. | Dependencies | skills/c0rv0s/clawdvine/package.json |
| MEDIUM | Unpinned dependencies in package.json. `package.json` uses caret (`^`) ranges for several security-relevant dependencies, including `@x402/evm`, `@x402/fetch`, `siwe` and `viem`, so npm may install any newer minor or patch release, including a compromised or malicious one. Pin every dependency to an exact version (`2.2.0` rather than `^2.2.0`), commit a `package-lock.json` or `yarn.lock`, and audit regularly with `npm audit`. A committed lockfile installed with `npm ci` already makes resolution deterministic; exact pins additionally make the intended versions explicit in `package.json`. | LLM | package.json:10 |
| LOW | Node lockfile missing. `package.json` is present but no `package-lock.json`, `pnpm-lock.yaml` or `yarn.lock` was found, so each install may resolve different versions. Commit a lockfile and install with `npm ci` (or the pnpm/yarn equivalent) for deterministic dependency resolution. | Dependencies | skills/c0rv0s/clawdvine/package.json |
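The critical finding is that `sign-siwe.mjs` and its siblings sign whatever they are handed with the raw key. Even when the key cannot be moved out of the process, the recommendation to require explicit confirmation per signature can be enforced in code: parse the message, check it against a policy, show the user what they are approving, and only then call the signer. The following Node.js module is an added example of that gate for SIWE (EIP-4361) messages; it is not clawdvine's `sign-siwe.mjs`. The signer is injected so this module never sees the key, and the allowlisted domain, chain ID, validity window and sample messages are all assumed. The same gate shape (parse, policy, confirm, sign) applies to x402 payment signing with recipient and amount limits in place of domain and chain checks.

```javascript
// Added example: a policy gate in front of SIWE (EIP-4361) signing. This is not
// the clawdvine project's sign-siwe.mjs. The signer is injected so this module
// never touches the raw key; the allowlists and the sample messages are assumed.

const SIWE_HEADER_RE =
  /^(?:[a-z][a-z0-9+.-]*:\/\/)?([^ ]+) wants you to sign in with your Ethereum account:$/;
const FIELD_KEYS = { "URI": "uri", "Version": "version", "Chain ID": "chainId", "Nonce": "nonce",
  "Issued At": "issuedAt", "Expiration Time": "expirationTime", "Not Before": "notBefore",
  "Request ID": "requestId" };

// Parse the EIP-4361 text form into its fields; returns null if malformed.
function parseSiweMessage(text) {
  const lines = text.split("\n");
  const header = SIWE_HEADER_RE.exec(lines[0] ?? "");
  if (!header || !/^0x[0-9a-fA-F]{40}$/.test(lines[1] ?? "") || lines[2] !== "") return null;
  const msg = { domain: header[1], address: lines[1], statement: "" };
  let i = 3;
  if (lines[i] !== "") { msg.statement = lines[i]; i += 1; } // optional statement line
  if (lines[i] !== "") return null;
  for (i += 1; i < lines.length && lines[i] !== "Resources:"; i++) {
    const sep = lines[i].indexOf(": ");
    const key = sep < 0 ? undefined : FIELD_KEYS[lines[i].slice(0, sep)];
    if (!key) return null;
    msg[key] = lines[i].slice(sep + 2);
  }
  for (const required of ["uri", "version", "chainId", "nonce", "issuedAt"]) {
    if (!msg[required]) return null;
  }
  return msg;
}

// Decide whether a message may be signed under the policy: the domain and the
// URI host must agree (a mismatch is the phishing shape), the chain must be
// allowlisted, and the validity window must be short and not yet expired.
function evaluateSiwePolicy(text, policy, now = Date.now()) {
  const msg = parseSiweMessage(text);
  if (!msg) return { ok: false, reason: "malformed SIWE message" };
  if (!policy.allowedDomains.includes(msg.domain)) return { ok: false, reason: `domain not allowlisted: ${msg.domain}` };
  let uriHost;
  try { uriHost = new URL(msg.uri).host; } catch { return { ok: false, reason: "invalid URI" }; }
  if (uriHost !== msg.domain) return { ok: false, reason: `URI host ${uriHost} does not match domain ${msg.domain}` };
  if (msg.version !== "1") return { ok: false, reason: `unsupported version: ${msg.version}` };
  if (!policy.allowedChainIds.includes(Number(msg.chainId))) return { ok: false, reason: `chain ID not allowlisted: ${msg.chainId}` };
  if (!/^[A-Za-z0-9]{8,}$/.test(msg.nonce)) return { ok: false, reason: "weak or missing nonce" };
  const issued = Date.parse(msg.issuedAt);
  const expires = Date.parse(msg.expirationTime ?? "");
  if (Number.isNaN(issued) || Number.isNaN(expires)) return { ok: false, reason: "Issued At and Expiration Time required" };
  if (expires <= now) return { ok: false, reason: "message already expired" };
  if (expires - issued > policy.maxValidityMs) return { ok: false, reason: "validity window exceeds policy" };
  return { ok: true, summary: `sign in to ${msg.domain} on chain ${msg.chainId} as ${msg.address}, valid until ${msg.expirationTime}` };
}

// The signer is called only after the policy passes and the user confirms the summary.
function guardedSignSiwe(text, policy, signer, confirm, now = Date.now()) {
  const decision = evaluateSiwePolicy(text, policy, now);
  if (!decision.ok) return { signed: false, reason: decision.reason };
  if (!confirm(decision.summary)) return { signed: false, reason: "user declined" };
  return { signed: true, signature: signer(text) };
}

// Constructed fixtures. The signer is a stand-in that only records what it was
// asked to sign; a real deployment injects a wallet-backed EIP-191 signer here.
const POLICY = { allowedDomains: ["app.example.com"], allowedChainIds: [8453], maxValidityMs: 15 * 60 * 1000 };
const NOW = Date.parse("2026-02-13T12:00:00Z");
function buildSiwe({ domain = "app.example.com", uri = "https://app.example.com/login", chainId = 8453 } = {}) {
  return [`${domain} wants you to sign in with your Ethereum account:`,
    "0x1111111111111111111111111111111111111111", "", "Sign in to the example app.", "",
    `URI: ${uri}`, "Version: 1", `Chain ID: ${chainId}`, "Nonce: 8fG3kQ9zLm2P",
    "Issued At: 2026-02-13T11:59:00Z", "Expiration Time: 2026-02-13T12:09:00Z"].join("\n");
}
const standInSigner = (text) => `stand-in-signature(${text.length} bytes)`;
console.log(guardedSignSiwe(buildSiwe(), POLICY, standInSigner, () => true, NOW));
console.log(guardedSignSiwe(buildSiwe({ uri: "https://login.attacker.invalid/cb" }), POLICY, standInSigner, () => true, NOW));
```

The first call is approved; the second is refused because the callback URI points at a host other than the stated domain, which is exactly the message a compromised skill or a prompt-injected agent would try to get signed. The `confirm` callback is where an interactive prompt belongs; in an unattended agent it should default to deny, not to allow.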
Full report: [SkillShield report for clawdvine](https://skillshield.io/report/6f11a6a1554a9a06)