Trifle Auth
Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the wrong 1Password item exists or a valuable wallet key is supplied, the skill can sign Trifle login messages as that wallet and create account sessions tied to it.
The skill reads an Ethereum private key from an environment variable or a hard-coded 1Password item, while generated keys are saved under a different hard-coded item and passed to the 1Password CLI as a process argument. That is high-impact wallet authority with unclear per-user scoping.
if (process.env.TRIFLE_PRIVATE_KEY) { return process.env.TRIFLE_PRIVATE_KEY; } ...
spawnSync('op', ['read', 'op://Gigi/EVM Wallet - Gigi/private_key'] ...
'--title', 'EVM Wallet - Trifle Agent' ...
`private_key=${privateKey}`

Use only a new low-value wallet for Trifle, verify and align the 1Password item/path before login, avoid passing secrets as command-line arguments, and declare the wallet credential explicitly.
Another local process or skill that can read the state file may be able to act as the user on Trifle until the token expires or is revoked.
The bearer JWT is stored persistently in the local state file, and this write does not specify restrictive permissions. The token is intended for reuse by other skills, so broad local readability would expose the Trifle session.
function saveState(state) { writeFileSync(STATE_FILE, JSON.stringify(state, null, 2)); } ...
const state = { token: result.token, address: account.address, ... }; saveState(state);

Store the auth state with mode 0600 or in a secure credential store, document token lifetime and revocation, and require explicit user consent before sharing the token with other skills.
Installing the skill may fetch and run standard npm dependency installation steps on the local machine.
The skill includes an install hook that changes file permissions and installs npm dependencies. This is purpose-aligned for the Node-based helper, but users should be aware that installation runs package-manager commands on the local machine.
"install": { "post": "chmod +x trifle-auth.mjs && npm install" }

Install only from a trusted source and review the package lock/dependencies before use.
