Security Defense Line 安全防线
WarnAudited by ClawScan on May 10, 2026.
Overview
This crypto-security skill is mostly purpose-aligned, but it embeds a billing API key and advertises private-key, wallet-mutating, and background-monitoring capabilities without clear safeguards.
Review carefully before installing. Do not provide real private keys or seed phrases, verify the payment behavior and billing identity, and only run wallet-changing or background-monitoring commands after explicit confirmation and a dry-run preview.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user provides a real private key or seed phrase without strict controls, their crypto assets could be permanently lost.
The skill advertises handling private keys and seed phrases, but the artifacts do not define local-only handling, redaction, storage limits, or network restrictions for those secrets.
私钥强度 - 熵值检测、弱密钥识别 ... 助记词安全 - 泄露检测、生成验证 ... 私钥与助记词管理
Do not enter real private keys or seed phrases unless the skill clearly guarantees local-only processing, no logging, no network transmission, and explicit user approval.
Billing identity and charges may not be clearly controlled by the user, and the embedded provider credential is exposed in the package.
The code embeds a third-party billing API key and can charge using a default user identity instead of requiring a clearly supplied credential and user identifier.
BILLING_API_KEY = "sk_f03aa8..." ... user_id = os.environ.get("SKILLPAY_USER_ID", "anonymous_user") ... charge_result = charge_user(user_id)Require payment credentials through documented environment variables, remove hardcoded API keys, fail closed when no user ID is present, and ask for explicit consent before charging.
Running these actions against real wallets could change account permissions or move/lock assets.
The documentation includes examples for revoking approvals, signing/executing multisig transactions, and emergency wallet actions, which are purpose-aligned but financially high-impact.
python scripts/tx_validator.py --address 0x... --revoke-all ... --sign --tx-id 1 ... --execute --tx-id 1 ... --emergency-freeze --wallet 0x...
Use these only after explicit user confirmation, with dry-run previews and clear explanation of irreversible effects.
A background monitor could keep running and observe sensitive clipboard or wallet activity if enabled.
The skill advertises long-running monitoring, clipboard watching, and automatic blocking modes without documenting stop conditions or data-handling boundaries.
python scripts/phishing_detector.py --watch-clipboard --auto-block ... python scripts/security_monitor.py --daemon
Enable background or clipboard modes only with explicit opt-in, visible status, easy shutdown, and clear limits on what is read or modified.
Users may be asked to fetch or run an unreviewed missing component to get the advertised monitoring behavior.
The documentation references security_monitor.py, but that file is not present in the supplied manifest, leaving the advertised monitoring component outside the reviewed artifact set.
python scripts/security_monitor.py --daemon
Verify that all referenced scripts and dependencies are included, pinned, and reviewable before installation or use.