TPN Proxy

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may contact TPN and retrieve public web content through a proxy rather than merely giving instructions.

Why it was flagged

The skill gives the agent authority to make network requests and use curl/proxy settings directly, which is expected for the proxy function but should be noticed.

Skill content

This skill executes API calls and returns results directly ... Call the TPN API yourself (via `curl` or equivalent) ... When the user asks you to fetch a URL through a proxy, make that request yourself too.

Recommendation

Use it only for intended public URLs and keep the documented URL validation and internal-address rejection in place.

What this means

Installing the skill allows the agent to use the configured TPN account key for proxy generation when invoked.

Why it was flagged

The skill requires a TPN API key and uses it to generate proxy leases; this is normal for the service but grants account-level proxy-generation authority.

Skill content

Environment variables | `TPN_API_KEY` — existence-checked only ... never echoed or logged

Recommendation

Only configure a TPN_API_KEY you are comfortable delegating to the agent, and rotate or revoke it if transcripts or environment access are exposed.

What this means

If the x402 payment path is used, the user may be asked to approve and sign a payment with a wallet.

Why it was flagged

The reference flow includes wallet-mediated USDC approval and signing for x402 payments; this is purpose-aligned but affects payment authority.

Skill content

Sign a USDC payment on Base ... const tx = await usdc.approve( pay_to, amount ) ... const signature = await authorizer.signMessage

Recommendation

Verify the amount, recipient, network, and wallet prompt before approving any x402 payment.

Findings (1)

critical

suspicious.exposed_secret_literal

Location
SKILL.md:168
Finding
File appears to expose a hardcoded API secret or token.