Code Review Fix Hardened
Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: code-review-fix-hardened
Version: 1.0.0
The bundle is a legitimate code review and repair tool that includes an integrated billing system (SkillPay) and sophisticated defensive instructions. The SKILL.md and SAFETY.md files contain explicit 'guardrails' designed to prevent the AI agent from being manipulated by prompt injection within the code it reviews, specifically forbidding data exfiltration and unauthorized file modifications. While lib/billing.ts contains a hardcoded API key (a developer-side vulnerability) and the tool performs local file writes, these behaviors are transparently documented and strictly aligned with the stated purpose of automated code fixing.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A packaged billing credential can be abused or misused, and users cannot easily verify what account or authority it represents.
A real-looking billing API credential is bundled directly in the distributed source and used to authorize SkillPay requests.
const BILLING_API_KEY = 'sk_9733...bd8'; ... 'X-API-Key': BILLING_API_KEY
Do not ship live API keys in skill code. Move billing credentials to a declared, user-controlled secret/config path and rotate the exposed key.
Using the tool after the trial may debit a SkillPay balance without a separate per-charge confirmation step.
After three free calls, normal review execution attempts to charge the user through SkillPay before continuing.
if (!isFree) { ... const result = await chargeUser(userId); ... console.log(`✅ 扣费成功!当前余额: ${result.balance} USDT`); }
Require explicit confirmation before each paid charge, clearly declare the billing capability in metadata, and provide a way to disable billing for local-only use.
A local username or SkillPay user identifier may be sent to an external billing provider during paid use.
The billing user ID falls back to the local OS username, which is then used in SkillPay billing calls.
return process.env.SKILLPAY_USER_ID || 'local-user-' + require('os').userInfo().username;
Use a non-identifying SKILLPAY_USER_ID where possible and disclose exactly what billing identifiers are sent externally.
Automatic fixes could change or break code if run on an important file without review.
The --fix option directly overwrites the target file with generated fixes.
if (values.fix && analysis.fixable) { ... writeFileSync(filePath, fixedCode); ... }
Run it in a git-tracked workspace, inspect diffs before committing, and prefer a preview/patch mode for important code.
A local state file may be created in projects and could be accidentally committed if not ignored.
The tool persists local usage counters in the current project directory.
stateFile: join(process.cwd(), '.code-review-fix-state.json') ... saveState(state);
Document the state file, add it to .gitignore, or store usage state in a clearly scoped application data directory.
