Trusted: risk score 5/100
Last scanned: 1 day ago
verified-agent-identity
Billions decentralized identity for agents. Link agents to human identities using Billions ERC-8004 and Attestation Registries.
Documentation-only identity skill with no implementation scripts; describes legitimate decentralized identity functionality without any malicious behavior or hidden functionality.
Skill name: verified-agent-identity
Analysis time: 35.0s
Engine: pi
OK to install
This skill is a documentation-only package with no actual implementation code. If deploying, ensure the referenced scripts are included and verified.

Security findings: 2

Severity | Finding | Location
Low
Incomplete skill package (documentation deception)
SKILL.md describes scripts (createNewEthereumIdentity.js, linkHumanToAgent.js, etc.) that do not exist in the package. This is a documentation-only skill without implementation.
node scripts/createNewEthereumIdentity.js
→ Ensure all referenced scripts are included before deploying this skill.
SKILL.md:1
Info
Documented key storage location (sensitive access)
The skill documents storing private keys in $HOME/.openclaw/billions/kms.json. Without BILLIONS_NETWORK_MASTER_KMS_KEY, keys are stored in plaintext. This is necessary for identity functionality and is clearly documented.
kms.json - CRITICAL: Contains private keys (encrypted if BILLIONS_NETWORK_MASTER_KMS_KEY is set, otherwise in plaintext)
→ Document that this behavior is expected and required for the identity feature. Users should set BILLIONS_NETWORK_MASTER_KMS_KEY for production use.
SKILL.md:68
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | NONE | | No scripts to analyze - skill describes file operations but implementation is mi…
Command execution | NONE | NONE | | SKILL.md references node commands but no scripts exist
Network access | NONE | NONE | | Describes blockchain API interactions but no implementation code
Environment variables | NONE | NONE | | References BILLIONS_NETWORK_MASTER_KMS_KEY but no code to access it
1 finding
Medium: External URL
https://billions.network/
SKILL.md:5

Directory structure

1 file · 8.2 KB · 219 lines
Markdown 1f · 219L
└─ 📝 SKILL.md Markdown 219L · 8.2 KB

Security highlights

✓ Comprehensive guardrails documented in Restrictions section
✓ Clear identity verification workflow without shortcuts
✓ No obfuscated code or base64-encoded payloads
✓ No credential exfiltration or data theft patterns
✓ No network IOCs pointing to suspicious infrastructure
✓ No eval(), exec(), or subprocess calls in non-existent code
✓ Explicit prohibition on manual cryptographic operations