Trust Assessment
crypto-tracker received a trust score of 92/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Potential Data Exfiltration via Skill Output, Unpinned Dependencies in Skill Manifest.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Potential Data Exfiltration via Skill Output.** The `check-alerts` command, as described in `SKILL.md`, is designed to output triggered alerts, including `user_id` and specific alert details. If the agent executing this skill does not securely handle or filter this output, sensitive user data (such as `user_id`s and their associated alert configurations) could be exfiltrated or logged insecurely. While this is the intended functionality of the command, it poses a risk if the output channel is not protected. The agent consuming the output of `check-alerts` should be designed to handle sensitive data securely. This includes filtering or redacting `user_id`s if they are not strictly necessary for the notification process, ensuring logs are secured, and restricting access to the output. The skill itself could be enhanced to offer an option to redact `user_id` from the output for privacy-sensitive contexts. | LLM | SKILL.md:70 |
| LOW | **Unpinned Dependencies in Skill Manifest.** The `scripts/crypto.py` manifest specifies dependencies (`httpx`, `click`) without pinning them to specific versions. This means that `uv` will install the latest compatible versions at the time of installation. While `uv` helps manage environments, relying on unpinned dependencies can introduce supply chain risks, as new versions might contain breaking changes, vulnerabilities, or unexpected behavior. Best practice is to pin dependencies to exact versions to ensure deterministic builds and prevent regressions. Pin the dependencies to specific versions (e.g., `httpx==0.25.0`, `click==8.1.7`) in the `pyproject.toml` section of the script. Alternatively, ensure that a `uv.lock` file or similar dependency lock mechanism is used and committed to the repository to guarantee consistent dependency resolution. | LLM | scripts/crypto.py:3 |
Full report: https://skillshield.io/report/308f869296ec3c71