Trusted — Risk Score 5/100
Last scan: 2 days ago
taco
AI trading assistant for Taco crypto DEX — handles trading, market data, account queries, technical analysis, and AI trader management
Taco is a legitimate crypto DEX trading assistant with no malicious behavior observed. All network calls target a single documented API endpoint, credentials are stored locally in a config file only, and the codebase is transparent with no hidden functionality.
Skill Name: taco
Duration: 40.8s
Engine: pi
Safe to install
This skill is safe to use. No security action required. The skill correctly declares its network capabilities through API interactions and stores credentials only in the documented config path.

Findings 2 items

Severity | Finding | Location

Info | No dependency manifest | scripts/taco_client.js:1
No package.json or requirements.txt exists. Dependencies (commander, node:fs, node:path, node:os, node:readline, native fetch) are assumed standard Node.js modules. This makes version pinning unverifiable.
var E=require('fs'),T=require('path'),wt=require('os'),At=require('readline')
→ Add package.json to pin versions of any third-party dependencies.

Info | Credentials stored in plaintext config file | SKILL.md:290
user_id and api_token are stored as plaintext JSON in ~/.openclaw/workspace/taco/config.json. This is standard for CLI tools but worth noting.
Config: ~/.openclaw/workspace/taco/config.json
→ Consider using a secrets manager or encrypted storage for production deployments.
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | SKILL.md:Config:~/.openclaw/workspace/taco/config.json; taco_client.js reads con…
Network | READ+WRITE | READ+WRITE | ✓ Aligned | SKILL.md declares API calls; taco_client.js:fetch() calls api.dev.taco.trading f…
Shell | NONE | NONE | | No shell execution found; node process.argv parsing only
Environment | NONE | NONE | | No env iteration; only reads process.env for NO_COLOR/FORCE_COLOR/CLI_COLOR
Clipboard | NONE | NONE | | Not accessed
Browser | NONE | NONE | | Not accessed
Database | NONE | NONE | | Not accessed
Skill Invoke | NONE | NONE | | Skill is a leaf — no nested skill invocations
3 findings

🔗 Medium | External URL | https://api.dev.taco.trading | references/api-references.md:4
🔗 Medium | External URL | https://api.hyperliquid.xyz/info | references/market-data-fallback.md:5
📧 Info | Email | [email protected] | references/api-references.md:495

File Tree

7 files · 125.1 KB · 2321 lines
Markdown: 6 files · 2294 lines; JavaScript: 1 file · 27 lines
├─ 📁 references
│ ├─ 📝 analysis-workflows.md Markdown 252L · 9.8 KB
│ ├─ 📝 api-references.md Markdown 734L · 18.1 KB
│ ├─ 📝 commands.md Markdown 426L · 11.5 KB
│ ├─ 📝 market-data-fallback.md Markdown 73L · 2.2 KB
│ └─ 📝 strategy-engine.md Markdown 453L · 15.0 KB
├─ 📁 scripts
│ └─ 📜 taco_client.js JavaScript 27L · 52.1 KB
└─ 📝 SKILL.md Markdown 356L · 16.3 KB

Dependencies 3 items

Package | Version | Source | Known Vulns | Notes
commander (bundled) | bundled | minified node_modules (assumed standard) | No | Commander CLI parsing library — bundled minified in source, not separately installed
node:fs, node:path, node:os, node:readline | Node.js built-in | Node.js standard library | No | Standard library modules, no external dependencies
fetch (native) | Node.js 18+ | Node.js native fetch API | No | Native fetch, no external HTTP client dependency

Security Positives

✓ No base64, eval, or obfuscated code — all logic is readable
✓ Single hardcoded API endpoint (api.dev.taco.trading) — no dynamic DNS resolution or IP hopping
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No credential exfiltration — credentials only used in Authorization header to the documented API
✓ SKILL.md accurately documents all capabilities and CLI commands
✓ No hidden instructions in HTML comments or string literals
✓ Comprehensive input validation and pre-trade checks documented
✓ Graceful error handling with informative messages