Trust Assessment
crypto-self-learning received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Arbitrary File Write/Read via --memory-path, Missing `weekly_review.py` script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Arbitrary File Write/Read via `--memory-path`.** The `update_memory.py` script accepts a `--memory-path` argument which is directly used to open and write to a file. An attacker could provide a path outside the intended skill directory (e.g., `/etc/passwd`, `../../sensitive_file.txt`) to read or overwrite arbitrary files on the system. This constitutes a path traversal vulnerability, allowing the skill to access or modify files beyond its intended scope. Sanitize the `memory_path` argument to ensure it is within an allowed, sandboxed directory. This can be done by resolving the path to its absolute form and verifying that it starts with a known safe base directory (e.g., using `Path.resolve()` and `Path.is_relative_to()`). Alternatively, restrict the LLM's ability to provide arbitrary paths for this argument. | LLM | scripts/update_memory.py:70 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/totaleasy/crypto-self-learning/scripts/log_trade.py:3 |
| INFO | **Missing `weekly_review.py` script.** The `SKILL.md` documentation mentions and provides an example command for `python3 {baseDir}/scripts/weekly_review.py`. However, the `scripts/weekly_review.py` file is not included in the provided skill package context. This indicates an incomplete skill or a dependency on an unprovided script, which could lead to runtime errors or introduce supply chain risks if users are expected to source this script from an unknown location. Either include the `weekly_review.py` script in the skill package to ensure completeness, or remove its mention from the `SKILL.md` if it is not intended to be part of this skill's functionality. | LLM | SKILL.md:100 |