Trust Assessment
leviathan-news received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The key finding is that the skill requires and handles the highly sensitive `WALLET_PRIVATE_KEY`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Skill requires and handles highly sensitive WALLET_PRIVATE_KEY | LLM | SKILL.md:230 |

The skill explicitly requires the `WALLET_PRIVATE_KEY` environment variable for authentication via wallet signature. While the documentation includes strong warnings about local use and never sharing the key, the mere requirement for an AI agent to access and handle a private key introduces a critical risk. A compromised agent or a malicious prompt could exploit this access to exfiltrate the private key, use it for unauthorized signing, or otherwise compromise the associated wallet. The skill's example code demonstrates retrieving `WALLET_PRIVATE_KEY` from `os.environ`.

1. **Isolate Credential Handling:** Implement a secure, isolated service or hardware module (e.g., HSM, secure enclave) for signing operations. The AI agent should only send the message to be signed to this service and receive the signature back, never directly accessing the private key.
2. **Least Privilege:** Re-evaluate if the AI agent truly needs direct access to the private key. If the signing can be offloaded, it should be.
3. **Strong Sandboxing:** Ensure the AI agent's execution environment is heavily sandboxed, preventing any network egress or file system access that isn't strictly necessary for the skill's operation, especially when handling sensitive credentials.
4. **User Consent/Confirmation:** For any operation involving the private key, require explicit user confirmation for each signing request, detailing the message being signed.