Helius

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is mostly coherent for Helius/Solana development, but it asks users to run an unpinned external MCP package that can persist keys and perform paid or on-chain actions.

Review this skill carefully before installing. It appears purpose-aligned for Helius/Solana development, but only use the MCP package if you trust its source, pin versions where possible, use a dedicated low-balance wallet, and require explicit confirmation for any transaction, signup, upgrade, renewal, or billing action.

Static analysis

Exposed secret literal

Critical
Finding: File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A future or compromised package version could receive sensitive Helius credentials or perform high-impact MCP actions under the user's account.

Why it was flagged

The skill directs users to install and run an unpinned external MCP package. Because the MCP is the component that provides live tools for blockchain queries, transactions, webhooks, signup, and billing, the unpinned runtime package is a material provenance and review gap.

Skill content
`claude mcp add helius npx helius-mcp@latest`
Recommendation

Install only if you trust the publisher and package source; prefer a pinned MCP version and review the MCP package before granting it credentials or funded-wallet access.

What this means

The agent could potentially trigger paid plan changes or payments if the MCP tools are available and the signup wallet has funds.

Why it was flagged

The documented MCP workflow includes tools that mutate billing/account state and process cryptocurrency payments. The artifacts disclose preview and funding steps, but they do not clearly require a final user confirmation before executing paid actions.

Skill content
`upgradePlan` — Execute a plan upgrade (processes USDC payment)
Recommendation

Before using this skill, require explicit user approval for any signup, upgrade, renewal, transfer, or transaction-sending action, and keep only the intended payment amount in the signup wallet.

What this means

A locally persisted funded keypair and saved Helius credentials could be reused across sessions and may authorize payments or account actions.

Why it was flagged

The skill documents persistent Solana keypair handling and reuse for account signup/payment flows. This is related to the stated purpose, but it grants high-impact authority, and the registry metadata does not declare a primary credential or a required config path.

Skill content
`generateKeypair` | Generate or load a Solana keypair for agentic signup (persists to `~/.helius-cli/keypair.json`)
Recommendation

Use a dedicated low-balance wallet for signup, protect or remove `~/.helius-cli/keypair.json` when no longer needed, and verify where API keys/JWTs are stored.