dao-governance 安全扫描报告 — 可信 | ClawSafe

5 /100

dao-governance

Web3 DAO governance research skill using Degov Agent API with x402 payments

Legitimate DAO governance research skill with proper wallet management and x402 payment integration. No malicious behavior detected.

技能名称dao-governance

分析耗时35.4s

引擎pi

✓

可以安装

No action needed. The skill is safe to use for its documented purpose.

安全发现 2 项

严重性	安全发现	位置
提示	Pre-scan base64 flags are false positives The pre-scan flagged Buffer.from(...'base64') as CRITICAL 'code obfuscation', but these are standard cryptographic encoding operations for AES-256-GCM encryption parameters (salt, iv, authTag, ciphertext). This is legitimate crypto implementation, not obfuscation. `Buffer.from(cryptoPayload.salt, 'base64')` → No action needed - this is expected cryptographic practice	`scripts/wallet-store.ts:208`
低危	Internal passphrase stored in filesystem The skill stores an internally-generated passphrase at ~/.agents/state/dao-governance/wallet-passphrase. While this is necessary for wallet functionality and uses proper file permissions (0o600), any compromise of the passphrase file could expose the wallet private key. `export const DEFAULT_PASSPHRASE_PATH = path.join(DEFAULT_STATE_DIR, 'wallet-passphrase')` → Consider using a system keyring (e.g., keychain, kwallet) for passphrase storage in production environments	`scripts/wallet-store.ts:11`

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`WRITE`	✓ 一致	SKILL.md declares wallet storage in ~/.agents/state/dao-governance/
网络访问	`READ`	`READ`	✓ 一致	SKILL.md declares API calls to degov-agent-api
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md documents pnpm exec tsx commands
环境变量	`READ`	`READ`	✓ 一致	Uses env vars like DEGOV_AGENT_WALLET_PASSPHRASE, DEGOV_AGENT_API_BASE_URL

4 严重 8 项发现

🔒

严重编码执行 Base64 编码执行（代码混淆）

Buffer.from(cryptoPayload.salt, 'base64'

scripts/wallet-store.ts:208

🔒

严重编码执行 Base64 编码执行（代码混淆）

Buffer.from(cryptoPayload.iv, 'base64'

scripts/wallet-store.ts:212

🔒

严重编码执行 Base64 编码执行（代码混淆）

Buffer.from(cryptoPayload.authTag, 'base64'

scripts/wallet-store.ts:214

🔒

严重编码执行 Base64 编码执行（代码混淆）

Buffer.from(cryptoPayload.ciphertext, 'base64'

scripts/wallet-store.ts:216

🔗

中危外部 URL 外部 URL

https://agent-api.degov.ai

scripts/README.md:32

🔗

中危外部 URL 外部 URL

https://mainnet.base.org

scripts/degov-client.ts:87

🔗

中危外部 URL 外部 URL

https://basescan.org/tx/$

scripts/degov-client.ts:160

💰

中危钱包地址加密货币钱包地址

0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913

scripts/wallet-store.ts:18

目录结构

7 文件 · 63.4 KB · 2005 行

TypeScript 2f · 883L YAML 1f · 737L Markdown 2f · 344L JSON 2f · 41L

├─ ▾ 📁 scripts

│ ├─ 📜 degov-client.ts TypeScript 499L · 14.8 KB

│ ├─ 📋 package.json JSON 27L · 1.1 KB

│ ├─ 📋 pnpm-lock.yaml YAML 737L · 22.0 KB

│ ├─ 📝 README.md Markdown 87L · 2.7 KB

│ ├─ 📋 tsconfig.json JSON 14L · 290 B

│ └─ 📜 wallet-store.ts TypeScript 384L · 10.4 KB

└─ 📝 SKILL.md Markdown 257L · 12.1 KB

依赖分析 3 项

包名	版本	来源	已知漏洞	备注
`viem`	`^2.37.5`	npm	否	Standard Ethereum library, widely used
`@x402/evm`	`^2.6.0`	npm	否	Official x402 payment library for EVM chains
`@x402/fetch`	`^2.6.0`	npm	否	Official x402 payment library for HTTP requests

安全亮点

✓ Uses standard AES-256-GCM encryption for wallet private keys

✓ Sets restrictive 0o600 file permissions on wallet and passphrase files

✓ All network calls are to the declared API endpoint only

✓ No credential exfiltration - credentials stay local

✓ Uses legitimate x402 payment protocol (@x402/evm, @x402/fetch)

✓ Clear user consent flow for paid API calls

✓ Guardrails in SKILL.md explicitly prohibit asking for private keys

✓ Wallet migration removes old wallet files after transfer

✓ No base64 piping to shell or eval() usage

✓ Proper error handling throughout cryptographic operations