Security Audit
TreasureProject/aifrens-openclaw-skill:root
github.com/TreasureProject/aifrens-openclaw-skill
Trust Assessment
TreasureProject/aifrens-openclaw-skill:root received a trust score of 58/100, placing it in the Caution category: the findings below should be reviewed before the skill is deployed.
SkillShield's automated analysis identified 5 findings: 0 critical, 2 high, 2 medium, and 1 low severity. The key findings are the insecure handling of a blockchain private key (high), placeholder smart contract addresses in `onboard.ts` (medium), and an unpinned npm dependency version (medium).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 61/100; it is also the layer that produced both high-severity findings and the placeholder-address finding.
Last analyzed on May 1, 2026 (commit 495c58c3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Insecure handling of blockchain private key. `aifrens.ts` reads `process.env.WALLET_PRIVATE_KEY` directly to create the `walletClient` that signs blockchain transactions. Holding a signing key in an environment variable is high-risk: the variable is inherited by every child process, appears in crash reports and process dumps that print the environment, and is readable by any compromised dependency running in the same process, so a compromise of the script, its supply chain or the host leaks the key and with it the funds it controls. Prefer a signer that never exposes the key to the application: a hardware wallet (e.g. Ledger, Trezor), a Key Management Service (KMS), or a vault service that signs transactions on the application's behalf. If direct access is unavoidable, lock down the execution environment and limit the blast radius with short-lived, single-purpose keys or a multi-signature scheme. | LLM | aifrens.ts:39 |
| HIGH | Insecure handling of blockchain private key. Same issue as above: `onboard.ts` also builds its `walletClient` from `process.env.WALLET_PRIVATE_KEY`, and the recommendation in the previous row applies. | LLM | onboard.ts:39 |
| MEDIUM | Unpinned npm dependency version. The dependency `viem` is declared as the range `^2.45.1` rather than an exact version. Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | package.json |
| MEDIUM | Placeholder smart contract addresses in `onboard.ts`. The script defines the critical contract addresses `FREN_REGISTRY`, `FRENCOIN_FACTORY` and `MAGIC_TOKEN` as `0x0000000000000000000000000000000000000000`, which leaves `becomeFren` and `claimTreasury` non-operational. That prevents unintended interactions for now, but it is an incomplete, placeholder implementation, and when the addresses are eventually filled in there is a risk that they are replaced with malicious contract addresses, sending users' funds to, or making users interact with, fraudulent contracts. Initialize every address with a verified, legitimate contract address before deployment or public release, and put a reviewed process in place for updating and verifying them; a configuration management system or an on-chain registry for critical addresses reduces the chance of tampering. | LLM | onboard.ts:14 |
| LOW | Unpinned direct dependencies in `package.json`. The direct dependencies `viem`, `typescript` and `ts-node` use caret (`^`) ranges, which allow automatic upgrades to newer minor and patch versions. `package-lock.json` pins the resolved versions for `npm ci`, but the caret ranges in `package.json` still produce non-deterministic installs wherever the lock file is not honoured, and a new minor or patch release of a dependency can introduce a bug or a security flaw. Pin direct dependencies to exact versions (e.g. `"viem": "2.45.1"`) for deterministic builds, and audit and update them deliberately to pick up security fixes. | LLM | package.json:10 |
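As an added illustration of the two HIGH findings and the placeholder-address finding (example code written for this report, not code from the aifrens-openclaw-skill repository): a startup preflight that a script like `aifrens.ts` or `onboard.ts` could run before creating its `walletClient`. It refuses to start while any configured address is still the zero-address placeholder or differs from a pinned, reviewed address, and only then reads `WALLET_PRIVATE_KEY`, removes it from the environment block and wraps it so that template strings, `JSON.stringify` and `util.inspect` print `[redacted]` instead of the key. The `SecretKey` class, the `preflight` and `checkContractAddresses` helpers and the pinned address list are assumptions made for the example; the real contract addresses are not on this page, so the pinned values are constructed placeholders.

```typescript
// Added example: startup preflight for a script like aifrens.ts / onboard.ts.
// Not code from the aifrens-openclaw-skill repository. WALLET_PRIVATE_KEY and
// the three address names come from the findings; SecretKey, preflight() and
// the pinned addresses are assumptions made here.

const ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
const ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;
const PRIVATE_KEY_RE = /^0x[0-9a-fA-F]{64}$/;
const REDACTED = "[redacted]";
const INSPECT: unique symbol = Symbol.for("nodejs.util.inspect.custom");

function hexToBytes(hex: string): Uint8Array {
  const clean = hex.startsWith("0x") ? hex.slice(2) : hex;
  const out = new Uint8Array(clean.length / 2);
  for (let i = 0; i < out.length; i++) out[i] = parseInt(clean.slice(i * 2, i * 2 + 2), 16);
  return out;
}

function bytesToHex(bytes: Uint8Array): string {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

/** Key material that only yields its bytes to an explicit reveal() call. */
class SecretKey {
  private bytes: Uint8Array;
  constructor(bytes: Uint8Array) {
    this.bytes = bytes;
  }
  /** Copy for the signer; the caller must not log or serialize it. */
  reveal(): Uint8Array {
    return new Uint8Array(this.bytes);
  }
  /** Zero the stored bytes once signing is finished. */
  destroy(): void {
    this.bytes.fill(0);
  }
  /** Remove the key from text (RPC errors, stack traces) before it is logged. */
  scrub(text: string): string {
    return text.replace(new RegExp(`(0x)?${bytesToHex(this.bytes)}`, "gi"), REDACTED);
  }
  toString(): string { return REDACTED; } // template strings and concatenation
  toJSON(): string { return REDACTED; } // JSON.stringify of a config object
  [INSPECT](): string { return REDACTED; } // console.log / util.inspect
}

function loadWalletKey(env: Record<string, string | undefined>, name = "WALLET_PRIVATE_KEY"): SecretKey {
  const raw = env[name];
  if (raw === undefined || raw === "") throw new Error(`${name} is not set`);
  // Never echo the value: a malformed value is usually a real key with a typo.
  if (!PRIVATE_KEY_RE.test(raw)) throw new Error(`${name} is not a 0x-prefixed 32-byte hex string`);
  // Drop it from the environment block so child processes and crash handlers that dump the environment never see it.
  delete env[name];
  return new SecretKey(hexToBytes(raw));
}

/** One message per configured address that must not be used as-is. */
function checkContractAddresses(configured: Record<string, string>, pinned: Record<string, string>): string[] {
  const problems: string[] = [];
  for (const [name, addr] of Object.entries(configured)) {
    const want = pinned[name];
    if (!ADDRESS_RE.test(addr)) problems.push(`${name}: malformed address "${addr}"`);
    else if (addr === ZERO_ADDRESS) problems.push(`${name}: still the zero-address placeholder`);
    else if (want === undefined) problems.push(`${name}: no pinned address to verify against`);
    else if (addr.toLowerCase() !== want.toLowerCase()) problems.push(`${name}: ${addr} does not match pinned ${want}`);
  }
  return problems;
}

/** Fail closed: the key is only loaded once every address check has passed. */
function preflight(env: Record<string, string | undefined>, configured: Record<string, string>, pinned: Record<string, string>): SecretKey {
  const problems = checkContractAddresses(configured, pinned);
  if (problems.length > 0) throw new Error("refusing to start:\n" + problems.join("\n"));
  return loadWalletKey(env);
}

// The values onboard.ts ships with today, per the finding ...
const ONBOARD_PLACEHOLDERS: Record<string, string> = {
  FREN_REGISTRY: ZERO_ADDRESS,
  FRENCOIN_FACTORY: ZERO_ADDRESS,
  MAGIC_TOKEN: ZERO_ADDRESS,
};
// ... and a constructed pinned list (not the real contract addresses, which this report does not give).
const PINNED_ADDRESSES: Record<string, string> = {
  FREN_REGISTRY: "0x" + "11".repeat(20),
  FRENCOIN_FACTORY: "0x" + "cd".repeat(20),
  MAGIC_TOKEN: "0x" + "33".repeat(20),
};

// Demonstration with a constructed environment and a throwaway test key.
const demoEnv: Record<string, string | undefined> = { WALLET_PRIVATE_KEY: "0x" + "ab".repeat(32) };
console.log(checkContractAddresses(ONBOARD_PLACEHOLDERS, PINNED_ADDRESSES)); // three "placeholder" messages
const demoKey = preflight(demoEnv, PINNED_ADDRESSES, PINNED_ADDRESSES);
console.log(`${demoKey}`, JSON.stringify({ demoKey }), demoEnv.WALLET_PRIVATE_KEY); // [redacted] {"demoKey":"[redacted]"} undefined
```

The key still arrives through the environment, so this does not replace a KMS or hardware signer; it narrows the window in which the raw string is exposed and stops the two most common accidental leaks (inheritance by child processes and logged configuration). The original string cannot be zeroed in JavaScript, only the copied bytes can, and the plain lowercase comparison does not validate EIP-55 checksums the way `viem`'s `getAddress` would.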
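For the two unpinned-dependency findings, an added example (not part of the skill's repository) that checks a `package.json` for range specifiers and rewrites them to the exact versions recorded in the lock file's `packages` map, which is how the fix from the LOW row would be applied mechanically. The sample `package.json` mirrors the finding (`viem` at `^2.45.1`, `typescript` and `ts-node` on caret ranges); the resolved versions in the sample lock file are constructed for the example, not taken from the repository.

```typescript
// Added example, not code from the skill's repository: flag range specifiers in
// package.json and rewrite them to the versions recorded in package-lock.json
// (lockfile v2/v3 "packages" map). The sample manifest mirrors the finding
// (viem ^2.45.1, typescript and ts-node on caret ranges); the resolved versions
// in the sample lock are constructed for this example.

type DependencyMap = Record<string, string>;
interface PackageJson {
  dependencies?: DependencyMap;
  devDependencies?: DependencyMap;
  optionalDependencies?: DependencyMap;
  [key: string]: unknown;
}
interface PackageLock {
  packages?: Record<string, { version?: string }>;
}
interface UnpinnedDependency {
  section: string;
  name: string;
  spec: string;
  resolved?: string;
}

// Exact versions only ("2.45.1", "2.45.1-rc.1"); ^, ~, >=, *, "latest", git URLs and npm: aliases all count as unpinned.
const EXACT_SEMVER = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"] as const;

function resolvedVersion(lock: PackageLock | undefined, name: string): string | undefined {
  return lock?.packages?.[`node_modules/${name}`]?.version;
}

function findUnpinnedDependencies(pkg: PackageJson, lock?: PackageLock): UnpinnedDependency[] {
  const found: UnpinnedDependency[] = [];
  for (const section of SECTIONS) {
    const deps: DependencyMap = pkg[section] ?? {};
    for (const [name, spec] of Object.entries(deps)) {
      if (EXACT_SEMVER.test(spec)) continue;
      found.push({ section, name, spec, resolved: resolvedVersion(lock, name) });
    }
  }
  return found;
}

/** Return a copy of the manifest with every range replaced by the lock's resolved version. */
function pinDependencies(pkg: PackageJson, lock: PackageLock): PackageJson {
  const pinned: PackageJson = { ...pkg };
  for (const section of SECTIONS) {
    const deps = pkg[section];
    if (!deps) continue;
    const next: DependencyMap = {};
    for (const [name, spec] of Object.entries(deps)) {
      if (EXACT_SEMVER.test(spec)) {
        next[name] = spec;
        continue;
      }
      const resolved = resolvedVersion(lock, name);
      // A range with no lock entry cannot be pinned deterministically: refuse rather than guess.
      if (resolved === undefined) throw new Error(`${section}.${name}: "${spec}" has no entry in package-lock.json`);
      next[name] = resolved;
    }
    pinned[section] = next;
  }
  return pinned;
}

// Constructed sample inputs (manifest shape from the finding; lock versions invented).
const SAMPLE_PACKAGE_JSON: PackageJson = {
  name: "aifrens-openclaw-skill-sample",
  dependencies: { viem: "^2.45.1" },
  devDependencies: { typescript: "^5.4.0", "ts-node": "^10.9.0" },
};
const SAMPLE_LOCK: PackageLock = {
  packages: {
    "": {},
    "node_modules/viem": { version: "2.45.1" },
    "node_modules/typescript": { version: "5.4.5" },
    "node_modules/ts-node": { version: "10.9.2" },
  },
};

for (const f of findUnpinnedDependencies(SAMPLE_PACKAGE_JSON, SAMPLE_LOCK)) {
  console.log(`${f.section}.${f.name}: "${f.spec}" resolves to ${f.resolved ?? "nothing"} in the lock file`);
}
console.log(JSON.stringify(pinDependencies(SAMPLE_PACKAGE_JSON, SAMPLE_LOCK).dependencies)); // {"viem":"2.45.1"}
```

Pinning `package.json` is only half of the control: keep `package-lock.json` committed and install with `npm ci`, which fails instead of silently resolving a range when the lock file and the manifest disagree, and treat every version bump as a deliberate, reviewed change.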
[Full report](https://skillshield.io/report/437096c3a9147eeb), powered by SkillShield.