Exposed secret literal
- Finding: File appears to expose a hardcoded API secret or token.
Security checks across static analysis, malware telemetry, and agentic risk
The skill is a coherent Solana trading-development guide, but users should review its external MCP installs, API-key handling, KYC flow, and any fund-moving transaction code before use.
This skill appears suitable for developers building Helius/DFlow Solana trading apps. Before installing, confirm you trust the MCP servers and package sources, protect any API keys, use project-scoped installation if preferred, and never sign or run generated trading code until you have checked the wallet, token mints, amounts, slippage, fees, and network environment.
VirusTotal findings are pending for this skill version.
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generated code or agent-assisted workflows could execute real trades and spend fees if connected to a funded wallet.
The skill teaches transaction signing and submission for token swaps, which is central to its purpose but can move funds if the user signs or runs generated code.
Flow: ... Deserialize and sign the returned base64 transaction ... Submit to Solana RPC (use Helius Sender for optimal landing)
Before signing or running any generated transaction code, verify token mints, amounts, slippage, fee caps, endpoint environment, and whether the workflow is devnet/test or mainnet.
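As an added example (not code from the skill, Helius or DFlow), the check below decodes a base64 transaction of the kind the quoted flow returns and refuses to continue unless the fee payer, every instruction's program id and any SOL transfer amount match what the user expects. The decoder covers the legacy wire layout and recognises the v0 message prefix, flagging address-lookup-table references it cannot resolve offline. The allowlist, the lamport cap and the 32-byte placeholder keys are assumptions for the constructed sample; mint and slippage checks need the swap program's own instruction layout, which the page does not give, so they are left to the reader.

```python
"""Static pre-flight of an unsigned Solana transaction before signing.
Added example (not from the skill, Helius or DFlow): decodes the base64 wire
format, then checks fee payer, program ids and SystemProgram transfer size.
Allowlist, cap and placeholder keys are assumptions for the constructed sample."""
import base64

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
SYSTEM_PROGRAM = "1" * 32        # base58 of the all-zero SystemProgram id
SYSTEM_TRANSFER_TAG = 2          # SystemInstruction::Transfer discriminant (u32 LE)

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def read_compact_u16(buf: bytes, pos: int):
    """Solana shortvec length prefix: 7 bits per byte, high bit means continue."""
    value = shift = 0
    while True:
        b, pos = buf[pos], pos + 1
        value |= (b & 0x7F) << shift
        if not b & 0x80:
            return value, pos
        shift += 7

def parse_transaction(tx_b64: str) -> dict:
    buf = base64.b64decode(tx_b64)
    n_sigs, pos = read_compact_u16(buf, 0)
    pos += 64 * n_sigs                           # signature slots, all zero when unsigned
    version = None
    if buf[pos] & 0x80:                          # versioned-message prefix byte
        version, pos = buf[pos] & 0x7F, pos + 1
    pos += 3                                     # header: signer / readonly counts
    n_keys, pos = read_compact_u16(buf, pos)
    keys = [b58encode(buf[pos + 32 * i:pos + 32 * i + 32]) for i in range(n_keys)]
    pos += 32 * n_keys + 32                      # static keys, then the recent blockhash
    n_ix, pos = read_compact_u16(buf, pos)
    instructions = []
    for _ in range(n_ix):
        pid, pos = buf[pos], pos + 1
        n_acc, pos = read_compact_u16(buf, pos)
        accounts, pos = list(buf[pos:pos + n_acc]), pos + n_acc
        dlen, pos = read_compact_u16(buf, pos)
        data, pos = buf[pos:pos + dlen], pos + dlen
        instructions.append({"program_id_index": pid, "accounts": accounts, "data": data})
    # v0 messages append address-lookup-table entries after the instructions
    lookups = read_compact_u16(buf, pos)[0] if version is not None else 0
    return {"version": version, "account_keys": keys,
            "instructions": instructions, "lookup_tables": lookups}

def preflight(tx_b64: str, expected_fee_payer: str, allowed_programs: set, max_lamports: int) -> list:
    """Reasons not to sign; an empty list means every static check passed."""
    tx = parse_transaction(tx_b64)
    keys, problems = tx["account_keys"], []
    if not keys or keys[0] != expected_fee_payer:
        problems.append("fee payer is not the expected wallet")
    if tx["lookup_tables"]:
        problems.append("uses address lookup tables: resolve them on-chain before trusting program ids")
    for i, ix in enumerate(tx["instructions"]):
        idx = ix["program_id_index"]
        if idx >= len(keys):
            problems.append(f"ix {i}: program id comes from a lookup table, cannot verify offline")
            continue
        program, data = keys[idx], ix["data"]
        if program not in allowed_programs:
            problems.append(f"ix {i}: program {program} not in allowlist")
        if (program == SYSTEM_PROGRAM and len(data) >= 12
                and int.from_bytes(data[:4], "little") == SYSTEM_TRANSFER_TAG):
            lamports = int.from_bytes(data[4:12], "little")
            if lamports > max_lamports:
                problems.append(f"ix {i}: SOL transfer of {lamports} lamports exceeds cap {max_lamports}")
    return problems

# Constructed sample in legacy format, standing in for an API response.
def compact_u16(n: int) -> bytes:
    out = bytearray()
    while True:
        b, n = n & 0x7F, n >> 7
        out.append(b | 0x80 if n else b)
        if not n:
            return bytes(out)

def build_unsigned_tx(keys: list, instructions: list) -> str:
    """One-signer legacy transaction; header readonly counts are illustrative only."""
    msg = bytearray([1, 0, 0]) + compact_u16(len(keys)) + b"".join(keys) + bytes([0xAB]) * 32
    msg += compact_u16(len(instructions))
    for pid, accounts, data in instructions:
        msg += bytes([pid]) + compact_u16(len(accounts)) + bytes(accounts) + compact_u16(len(data)) + data
    return base64.b64encode(compact_u16(1) + bytes(64) + msg).decode()

WALLET, SWAP_PROGRAM = bytes([0x11]) * 32, bytes([0x22]) * 32       # placeholder keys
KEYS = [WALLET, bytes([0x33]) * 32, SWAP_PROGRAM, bytes(32)]         # payer, dest, swap, system
ALLOWED = {b58encode(SWAP_PROGRAM), SYSTEM_PROGRAM}

def sample_tx(lamports: int) -> str:
    transfer = SYSTEM_TRANSFER_TAG.to_bytes(4, "little") + lamports.to_bytes(8, "little")
    return build_unsigned_tx(KEYS, [(2, [0, 1], b"\x01swap"), (3, [0, 1], transfer)])
```

Call `preflight(tx_b64, wallet, ALLOWED, cap)` on the unsigned string before handing it to the wallet; anything in the returned list is a reason to stop. An empty list only means the static checks passed, not that the quote, fees or slippage are acceptable, and a mainnet versus devnet decision still has to be made from the endpoint you submit to.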
Leaked or overused API keys could expose account usage, consume paid quotas, or allow unauthorized access to provider services.
The skill expects users to provide provider API keys for production/WebSocket use, which is appropriate for Helius/DFlow integrations but grants service access and may consume account credits.
DFlow WebSockets always require a key. For production use or WebSocket access, the user needs a DFlow API key
Store keys in environment variables or a secrets manager, do not commit them to code, restrict them where possible, and rotate them if exposed.
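An added example (not from the skill or either provider) covering both this recommendation and the "exposed secret literal" finding above: a scanner that flags quoted secret literals and keys embedded in query strings, a redaction helper for URLs that carry a key, and an environment loader that fails rather than falling back to a literal. The sample source lines, the RPC URL shape and the key formats are constructed for illustration, not taken from the page.

```python
"""Keep provider API keys out of source and out of logs.
Added example, not code from the skill, Helius or DFlow. The sample source, URL
shape and key formats are constructed assumptions used to exercise the checks."""
import os
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# quoted literal of 16+ chars assigned to a name containing KEY/SECRET/TOKEN
ASSIGN_RE = re.compile(r'(?i)\b(\w*(?:KEY|SECRET|TOKEN)\w*)\s*[:=]\s*[\'"]([^\'"]{16,})[\'"]')
# credential carried as a query-string parameter, as Helius-style ?api-key= URLs do
PARAM_RE = re.compile(r"(?i)[?&](api[-_]?key|token)=([\w.\-]{16,})")
PLACEHOLDER_RE = re.compile(r"^(<|\$\{|\{\{|YOUR_|REPLACE|x{4,})", re.I)
SENSITIVE_PARAMS = {"api-key", "apikey", "key", "token", "access-token"}

def scan_for_secret_literals(text: str) -> list:
    """Return (line_no, reason) for each line that looks like a hardcoded secret."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = ASSIGN_RE.search(line)
        if m and not PLACEHOLDER_RE.match(m.group(2)):
            findings.append((no, f"literal assigned to {m.group(1)}"))
            continue
        m = PARAM_RE.search(line)
        if m:
            findings.append((no, f"credential in query parameter {m.group(1)}"))
    return findings

def redact_url(url: str) -> str:
    """Mask credential-bearing query parameters before a URL reaches a log line."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k.lower().replace("_", "-") in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def load_api_key(var: str, env=None) -> str:
    """Read a key from the environment; fail loudly instead of using a literal fallback."""
    value = (os.environ if env is None else env).get(var, "").strip()
    if not value:
        raise RuntimeError(f"{var} is not set; export it or inject it from a secrets manager")
    return value

# Constructed source snippet standing in for a file under review (values are fake).
SAMPLE_SOURCE = """\
import os
HELIUS_API_KEY = os.environ["HELIUS_API_KEY"]
DFLOW_API_KEY = "<YOUR_DFLOW_API_KEY>"
SESSION_TOKEN = "a1b2c3d4e5f60718293a4b5c6d7e8f90"
RPC = "https://mainnet.helius-rpc.com/?api-key=0f3e2d1c-1234-4abc-9def-0123456789ab"
"""
```

Running `scan_for_secret_literals(SAMPLE_SOURCE)` reports lines 4 and 5 and leaves the environment read and the placeholder alone; wire `redact_url` into whatever logs request URLs, since a key passed as a query parameter otherwise ends up in every access log and error report.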
Installing an MCP server expands the agent's available tools, and using '@latest' can change behavior when the package updates.
The skill recommends installing an external MCP server via an unpinned npm package version. This is disclosed and purpose-aligned, but it depends on external package provenance.
claude mcp add helius npx helius-mcp@latest
Install MCP servers only from trusted sources, review their permissions, and pin a known-good version when possible.
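Added example, not part of the skill or of Claude Code: a checker that reports whether an npx-launched MCP server spec is pinned to one exact version, as the quoted `helius-mcp@latest` line is not. The version strings in the sample calls are placeholders, not real releases of any package.

```python
"""Flag MCP server installs that float on an unpinned npm version.
Added example, not code from the skill or Claude Code. It inspects the package
argument an `npx` launch would resolve; sample version strings are placeholders."""
import re

# exact semver (optionally with prerelease/build), no range operators or tags
EXACT_VERSION_RE = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.\-]+)?$")
DIST_TAGS = {"latest", "next", "beta", "canary"}

def split_spec(spec: str):
    """Split 'name@version' or '@scope/name@version' into (name, version-or-None)."""
    at = spec.rfind("@")
    if at <= 0:                        # no '@', or only the leading '@' of a scope
        return spec, None
    return spec[:at], spec[at + 1:]

def package_spec_from_args(args: list) -> str:
    """The first non-flag argument to npx is the package spec."""
    for a in args:
        if not a.startswith("-"):
            return a
    return ""

def check_mcp_install(command: str, args: list) -> dict:
    spec = package_spec_from_args(args) if command in ("npx", "pnpx", "bunx") else ""
    name, version = split_spec(spec)
    if not spec:
        return {"package": None, "pinned": False, "reason": "no npm package spec found"}
    if version is None:
        return {"package": name, "pinned": False, "reason": "no version given, resolves to the latest tag"}
    if version.lower() in DIST_TAGS:
        return {"package": name, "pinned": False, "reason": f"dist-tag '{version}' moves with every publish"}
    if not EXACT_VERSION_RE.match(version):
        return {"package": name, "pinned": False, "reason": f"'{version}' is a range, not an exact version"}
    return {"package": name, "pinned": True, "reason": f"exact version {version}"}
```

Pinning by version stops silent upgrades but still trusts whatever the registry serves for that version; for stronger provenance install from a lockfile with integrity hashes, or vendor the server package and review it before adding it.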
Using this flow can associate a real-world identity with a Solana wallet through third-party services.
The prediction-market KYC flow sends wallet-related identity verification through external DFlow/Stripe services. This is disclosed and limited to trade-time use, but it is sensitive.
Proof KYC links verified real-world identities to Solana wallets. ... KYC provider: Stripe Identity under the hood.
Use the KYC flow only when required for prediction-market trading, verify the destination domains, and present users with clear privacy and jurisdictional notices.
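Added example, not code from the skill, DFlow or Stripe: a host allowlist check for the KYC hand-off URL, done on the parsed URL rather than by substring so that look-alike hosts, userinfo tricks and plain-http links are rejected. The allowed hosts are assumptions (the page only names the providers); take the real ones from the provider documentation.

```python
"""Check that a KYC hand-off URL points at an expected provider host.
Added example, not code from the skill, DFlow or Stripe. ALLOWED_KYC_HOSTS is an
assumption; a deployment must use the hosts the providers actually document."""
from urllib.parse import urlsplit

ALLOWED_KYC_HOSTS = {"stripe.com", "dflow.example"}   # assumed placeholders

def kyc_url_problems(url: str, allowed_hosts=ALLOWED_KYC_HOSTS) -> list:
    """Return reasons the URL must not be opened for identity verification."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append(f"scheme is {parts.scheme or 'missing'}, not https")
    if parts.username is not None or parts.password is not None:
        problems.append("userinfo present: 'https://stripe.com@evil' style host spoofing")
    host = (parts.hostname or "").rstrip(".")     # hostname is already lower-cased
    if not host:
        problems.append("no host")
    elif not any(host == h or host.endswith("." + h) for h in allowed_hosts):
        problems.append(f"host {host} is not an allowed KYC provider")
    try:
        if parts.port not in (None, 443):
            problems.append(f"unexpected port {parts.port}")
    except ValueError:                            # non-numeric port in the netloc
        problems.append("malformed port")
    return problems

def is_allowed_kyc_url(url: str) -> bool:
    return not kyc_url_problems(url)
```

Show the user the parsed host, not the raw string, before opening the page; a query parameter such as `?next=https://stripe.com` on an unrelated host is exactly the case a substring match gets wrong.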
The skill may remain available to the agent in future sessions and projects when installed personally.
The installer persistently copies the skill into the user's personal Claude skills directory by default. This is transparent and scoped, not hidden background behavior.
TARGET_BASE="$HOME/.claude/skills" ... cp -r "$SKILL_DIR/SKILL.md" "$TARGET/"
Use the project install option if you only want this trading guidance available in one repository or workspace.