InvestmentTracker Platform
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: investmenttracker-platform
Version: v1.0.2

The skill bundle contains significant security vulnerabilities, most notably the inclusion of hardcoded 'live' API keys across multiple files, including mcp_api_test_commands.sh, config.json, and mcp_client.py. The implementation relies heavily on subprocess.run to execute curl commands for network interaction in scripts like InvestmentTracker_skill.py and final_skill.py, which is a risky pattern that could be exploited if input is not properly sanitized. While the behavior appears aligned with the stated purpose of investment tracking and no clear evidence of intentional malice was found, the credential exposure and reliance on shell execution warrant a suspicious classification. Primary external endpoints include claw.investtracker.ai and investmenttracker-ingest-production.up.railway.app.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key is valid, users may accidentally use or expose someone else's financial-account credential, or all installs may share the same account access.
A live-looking InvestmentTracker API key is embedded directly in configuration examples for an investment account integration.
"Authorization": "Bearer it_live_...", "X-API-Key": "it_live_..."
Remove the embedded key from all artifacts, rotate it immediately, and require each user to provide their own scoped API key through a secure config or environment variable.
A user's API key could appear in terminal output, OpenClaw logs, or chat-visible debug output.
The code prints configured headers and part of the curl command; those headers can include Authorization or X-API-Key values.
print(f"Headers: {self.headers}") ... print(f"命令: {' '.join(cmd[:10])}...")
Never print full headers or command lines containing secrets. Redact Authorization, X-API-Key, cookies, and tokens before logging.
The skill will execute local curl commands when fetching investment data, and command-line arguments may include sensitive headers.
The skill shells out to curl to call the MCP API. This is purpose-aligned, but raw command execution with configured URLs and headers deserves user awareness.
cmd = ['curl', '-s', '-N', '-X', 'POST'] ... subprocess.run(cmd, capture_output=True, text=True, timeout=30)
Prefer a native HTTP client with redacted logging, or ensure command construction is tightly controlled and secrets are not visible in process lists or logs.
Users have less provenance information for code that can be run locally and can access financial-account APIs.
The package has many runnable scripts but lacks a source/homepage and install specification in the provided metadata.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; Code file presence: 29 code file(s)
Review the included scripts before running them and prefer a published source repository, versioned release, and explicit runtime requirements.
Your investment-account requests and returned portfolio information depend on the external InvestmentTracker MCP service.
The skill connects to an external MCP endpoint using an API key to retrieve user identity and portfolio data.
"url": "https://claw.investtracker.ai/mcp", "Authorization": "Bearer YOUR_API_KEY"
Use only a trusted endpoint, verify the provider, and use a least-privilege API key intended for this integration.
