Low Risk — Risk Score 25/100
Last scan: 2 days ago
goodwallet-trading
Blockchain trading tools extending GoodWallet MPC agentic wallets with ERC20 transfers, DEX swaps, and contract calls
Legitimate blockchain trading tool with undocumented shell execution via npx and opaque native SDK loading that warrants transparency improvements.
Skill Name: goodwallet-trading
Duration: 37.6s
Engine: pi
Safe to install
Add explicit declarations for shell:WRITE capability and native module loading in SKILL.md. Pin goodwallet dependency to specific version.

Findings (5 items)

Medium: Undeclared shell execution via npx (SKILL.md:15)
SKILL.md instructs users to run 'npx [email protected] auth' and 'npx [email protected]' but does not declare the shell:WRITE capability. The documented install/auth steps and the declared capabilities do not match.
Evidence: npx [email protected] auth
→ Add shell:WRITE to the declared capabilities if npx execution is considered shell access
Medium: Native SDK module loading without documentation (index.js:29)
The code dynamically loads a native Sodot MPC module shipped in the goodwallet package (libsodot_executor_*.node). The binary is opaque and could contain hidden functionality; a native addon runs with the full privileges of the Node process as soon as it is required, so its provenance matters as much as the JavaScript around it.
Evidence: require(getSodotNativePath())
→ Document the native module loading and what data it processes
Low: Dependency version not pinned (package.json:12)
package.json declares 'goodwallet: ^0.2.0', which semver resolves to >=0.2.0 <0.3.0: any 0.2.x patch release later published to the public npm registry is pulled in by a fresh install without review. (For a 0.x package the caret floats only the patch component, not the minor.)
Evidence: "goodwallet": "^0.2.0"
→ Pin to an exact version: "goodwallet": "0.2.0". The package-lock.json in the file tree already fixes the resolved version for installs that honour it (npm ci); the exact pin also covers installs that regenerate or ignore the lockfile.
Low: API key transmitted to external service (index.js:148)
The user's MPC API key is sent to sign.goodwallet.dev for transaction signing. The service's behaviour and data retention are not documented.
Evidence: headers: { 'X-API-KEY': config.apiKey }
→ Document what data is sent to the external signing service and its privacy implications
Info: Cryptocurrency wallet tool legitimately accesses sensitive paths (index.js:118)
~/.config/goodwallet/config.json contains MPC key shares, API keys, and the wallet address. Reading it is expected behaviour for a crypto wallet tool.
Evidence: readFile(CONFIG_FILE, 'utf-8')
→ No action needed; this is legitimate for the stated purpose
Capability alignment

Resource     | Declared | Inferred | Status      | Evidence
Filesystem   | NONE     | READ     | ✓ Aligned   | index.js:118 reads ~/.config/goodwallet/config.json
Network      | READ     | WRITE    | ✓ Aligned   | index.js:148 POSTs to sign.goodwallet.dev with API key
Shell        | NONE     | WRITE    | ✗ Violation | SKILL.md shows npx commands without declaring shell capability
Skill Invoke | NONE     | READ     | ✓ Aligned   | SKILL.md references goodwallet skill for auth flow
External URLs (4 findings)

Medium External URL: https://hoodi.etherscan.io/ (SKILL.md:117). Block explorer for the Hoodi Ethereum testnet.
Medium External URL: https://eth-hoodi.g.alchemy.com/v2/pungROYJPab5mfhEv2EQjQEtOtugUAbw (index.js:112). Alchemy JSON-RPC endpoint; the path segment after /v2/ is the provider API key, hardcoded in source.
Medium External URL: https://hoodi.etherscan.io/tx/$ (index.js:324). Transaction explorer link; the template placeholder after /tx/ is truncated in the report.
Medium External URL: https://paulmillr.com/funding/ (package-lock.json:35). Funding URL carried in a transitive dependency's package metadata; informational, not a runtime connection.

File Tree

4 files · 34.0 KB · 967 lines
JavaScript: 1 file, 517 lines · JSON: 2 files, 304 lines · Markdown: 1 file, 146 lines
├─ 📜 index.js JavaScript 517L · 19.8 KB
├─ 📋 package-lock.json JSON 286L · 9.0 KB
├─ 📋 package.json JSON 18L · 459 B
└─ 📝 SKILL.md Markdown 146L · 4.7 KB

Dependencies 3 items

Package    | Version | Source | Known Vulns | Notes
goodwallet | ^0.2.0  | npm    | No          | Caret range (>=0.2.0 <0.3.0); not pinned, so 0.2.x patch releases are picked up on a fresh install
viem       | ^2.28.0 | npm    | No          | Well-audited Ethereum library; caret range (>=2.28.0 <3.0.0)
commander  | ^13.1.0 | npm    | No          | Standard CLI parsing library; caret range (>=13.1.0 <14.0.0)
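To see what the caret ranges in this table actually admit, here is an added example (not goodwallet's or npm's code) that implements npm's caret rule for plain x.y.z versions and filters a constructed list of published versions through it. The PUBLISHED list is invented for illustration and is not the real goodwallet release history; prerelease tags and other range operators are deliberately not handled.

```javascript
// Added example, not goodwallet's or npm's code: npm's caret rule for plain
// major.minor.patch versions, used to compare "^0.2.0" with an exact "0.2.0" pin.
// Prerelease tags (1.0.0-beta.1) and other range operators are not handled.

// Parse "x.y.z" into [x, y, z]; rejects anything else rather than guessing.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(String(v).trim());
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Lexicographic compare of two parsed versions: -1, 0 or 1.
function compareParsed(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Exclusive upper bound of ^major.minor.patch. The left-most non-zero component is
// frozen and everything to its right may float:
//   ^1.2.3 -> <2.0.0   ^0.2.3 -> <0.3.0   ^0.0.3 -> <0.0.4
function caretUpperBound([major, minor, patch]) {
  if (major > 0) return [major + 1, 0, 0];
  if (minor > 0) return [0, minor + 1, 0];
  return [0, 0, patch + 1];
}

// True if `version` is admitted by `range`, where range is either "^x.y.z" or an
// exact "x.y.z" pin.
function satisfies(range, version) {
  const v = parseVersion(version);
  const r = String(range).trim();
  if (!r.startsWith('^')) return compareParsed(v, parseVersion(r)) === 0;
  const lower = parseVersion(r.slice(1));
  return compareParsed(v, lower) >= 0 && compareParsed(v, caretUpperBound(lower)) < 0;
}

// Constructed release history (assumption, for illustration only; not the real
// goodwallet release list).
const PUBLISHED = ['0.1.9', '0.2.0', '0.2.1', '0.2.5', '0.3.0', '1.0.0'];

// Versions from a release history that a fresh install could resolve to.
function admitted(range, published = PUBLISHED) {
  return published.filter((v) => satisfies(range, v));
}

// Side-by-side view of the two package.json forms for one dependency.
function comparePins(exactVersion, published = PUBLISHED) {
  return {
    caret: admitted(`^${exactVersion}`, published),
    exact: admitted(exactVersion, published),
  };
}

// console.log(comparePins('0.2.0'));
// -> { caret: [ '0.2.0', '0.2.1', '0.2.5' ], exact: [ '0.2.0' ] }
```

The 0.x case is the one worth remembering: ^0.2.0 admits 0.2.1 and 0.2.5 but not 0.3.0, while a bare "0.2.0" admits nothing else. Neither form governs the npx invocations in SKILL.md, which resolve their own version at run time, nor transitive dependencies, which only the lockfile fixes.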

Security Positives

✓ No evidence of base64-encoded payloads piped to shell
✓ No direct IP network connections to unknown servers
✓ No eval() or dynamic code execution from external sources
✓ No credential harvesting or exfiltration to attacker-controlled endpoints
✓ No hidden HTML comments or steganographic payloads
✓ Uses well-audited viem library for blockchain operations
✓ Transaction signatures are verified via recoverTransactionAddress before broadcast
✓ No access to ~/.ssh, ~/.aws, or .env files; the only sensitive path read is the tool's own config file