Trust Assessment
clawdvine received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 2 medium, and 0 low severity. Key findings include Hardcoded Bearer Token detected, Unpinned npm dependency version, Skill requires direct access to EVM private key.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Hardcoded Bearer Token detected.** A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | `skills/imthatcarlos/clawdvine-skill-2/SKILL.md:47` |
| HIGH | **Skill requires direct access to EVM private key.** The skill's bundled scripts (`check-balance.mjs`, `sign-siwe.mjs`, `x402-generate.mjs`) explicitly read the `EVM_PRIVATE_KEY` environment variable. This private key grants full control over the associated EVM wallet, allowing arbitrary transactions to be signed and funds to be spent. While it is used for legitimate payment and authentication within the skill, exposing a private key directly to an AI agent's environment is a high-risk practice: a compromised agent or environment could lead to the exfiltration or misuse of funds. Implement a more secure method for handling sensitive credentials, such as a secure vault, a hardware security module (HSM), or a dedicated signing service that does not expose the raw private key to the agent's runtime environment. If direct access is unavoidable, ensure robust isolation and access controls for the agent's execution environment. | LLM | `scripts/check-balance.mjs:20` |
| MEDIUM | **Unpinned npm dependency version.** Dependency `@x402/evm` is not pinned to an exact version (`^2.2.0`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | `skills/imthatcarlos/clawdvine-skill-2/package.json` |
| MEDIUM | **Unpinned dependencies in package.json.** The `package.json` file uses caret (`^`) ranges for all listed dependencies (`@x402/evm`, `@x402/fetch`, `siwe`, `viem`). This allows automatic updates to minor and patch versions, which could inadvertently introduce breaking changes, vulnerabilities, or malicious code if a dependency maintainer's account is compromised. This poses a supply-chain risk. Pin all dependencies to exact versions (e.g., `1.2.3` instead of `^1.2.3`). Use a dependency auditing tool and regularly review updates before incorporating them into the project. | LLM | `package.json:10` |
Full report: https://skillshield.io/report/84a0265b08a2b0e5 (powered by SkillShield)