Trust Assessment
einstein received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 2 medium, and 1 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Private key stored in plaintext file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unpinned npm dependency version: dependency 'viem' is not pinned to an exact version ('^2.0.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/chuxo/einstein/package.json |
| MEDIUM | Private key stored in plaintext file: the skill provides an option (`--save-config`) to store the user's `EINSTEIN_X402_PRIVATE_KEY` directly in a `config.json` file within the skill's directory. While the skill recommends using environment variables as the preferred method and advises setting strict file permissions (`chmod 600 config.json`), storing sensitive credentials like private keys in a local plaintext file, even with warnings, increases the risk of data exfiltration. An attacker who gains local file system access could read this file if the recommended permissions are not applied or are circumvented. Strongly discourage storing private keys in local files. Prioritize environment variables as the primary and most secure method. If file storage is absolutely necessary, implement robust encryption for the file and ensure the skill enforces strict file permissions upon creation, rather than relying on user manual steps. Alternatively, consider using a secure secrets management system or a dedicated wallet service that doesn't require direct private key exposure. | LLM | scripts/einstein-setup.mjs:199 |
| LOW | Node lockfile missing: package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/chuxo/einstein/package.json |
[Full SkillShield report](https://skillshield.io/report/c5d81e707ed21b36)