XPR Crypto Tax

v1.0.0

Generate detailed crypto tax reports for XPR Network activity with support for New Zealand and United States regional tax rules and cost basis methods.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (XPR crypto tax reporting for NZ/US) aligns with the code and SKILL.md: it calls on-chain APIs, parses DEX CSVs, computes gains, and generates reports. Requiring price data (CoinGecko) and on-chain APIs is reasonable for this purpose. However, the skill's package metadata lists no required env vars while the code relies on environment variables (COINGECKO_API_KEY, RATE_CACHE_PATH), which is an inconsistency.
Instruction Scope
SKILL.md instructs the agent to fetch balances/trades/transfers, compute gains, and then upload a PDF and two CSVs and call a delivery job (xpr_deliver_job). That workflow is coherent for a reporting tool, but the instructions mandate uploading all files and making an external 'deliver' call in a single run — a behavior with data-exfiltration implications if endpoints or storage targets are untrusted. SKILL.md also claims 'all tools are read-only', but the code persists a local rate cache to disk (not strictly read-only).
Install Mechanism
No install spec is provided (instruction-only installation), which is low risk compared to arbitrary downloads. The package contains JS/TS source and a bundled dist file that will run on the platform — no external installers or unusual download URLs are present.
Credentials
skill.json declares no required environment variables, but the code reads process.env.COINGECKO_API_KEY (to enable expanded CoinGecko history) and process.env.RATE_CACHE_PATH (to override where a persistent JSON rate cache is stored). COINGECKO_API_KEY is expected for price history (reasonable), but its absence from the manifest is an oversight. RATE_CACHE_PATH (default: ./data/rate-cache.json) means the skill will read and write files on disk; this file-write capability is disproportionate relative to the manifest, which declares no config paths. The lack of an explicit env declaration reduces transparency and is a red flag.
Persistence & Privilege
The manifest's 'always' flag is false and the skill does not request elevated platform privileges. However, it maintains a persistent local JSON rate cache (written to a data directory by default), which means it will create files under the agent's working directory. This is ordinary for caching but should be noted.
Scan Findings in Context
[process.env.COINGECKO_API_KEY] expected: The code uses COINGECKO_API_KEY to access CoinGecko pro/demo endpoints for historical prices — this is reasonable for accurate pricing, but the manifest does not declare it as a required or optional env var.
[process.env.RATE_CACHE_PATH] expected: The code uses RATE_CACHE_PATH to determine where to persist a rate-cache JSON file. Persisting a rate cache is reasonable, but the skill did not declare required config paths and will read/write files under the agent's filesystem by default.
What to consider before installing
This skill appears to implement the advertised crypto-tax functionality, but there are transparency issues you should address before installing:
- Expect the skill to call external APIs (Saltant, Metal X, Hyperion, CoinGecko) and to upload report files (PDF + CSVs) as part of its normal workflow. Confirm you trust the platform's store_deliverable and xpr_deliver_job endpoints and any third-party URLs used for delivery. Uploading CSVs means financial and transaction data will be transmitted off the agent environment.
- The code reads COINGECKO_API_KEY (optional) and RATE_CACHE_PATH even though the manifest does not list these env vars. If you provide a CoinGecko key, verify it is scoped appropriately; if you do not, the skill falls back to limited/no-key behavior.
- By default the skill will create a data/rate-cache.json in the agent working directory. If you prefer to control where files are written, set RATE_CACHE_PATH to a safe location (or make the skill's working directory read-only) and audit the cache file contents policy.
- Review the bundled dist/index.js (included) yourself or ask the publisher for a provenance statement. The included code is not obviously malicious, but the manifest omissions (env/config) and mandatory multi-file upload step are non-trivial and warrant caution.
- If you want to proceed: run the skill with non-sensitive test data first, confirm the exact endpoints used for uploads/delivery, and consider providing a throwaway CoinGecko key or limiting the RATE_CACHE_PATH to a directory you control. If the publisher can update the manifest to declare COINGECKO_API_KEY and RATE_CACHE_PATH (and describe their use), that would increase transparency and reduce risk.


