Skill Trust Decision

solanaprox-ai

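A documentation-only AI skill that declares 14 capabilities while its Security Manifest declares only 2 permissions; there is a clear documentation-behavior mismatch and no verifiable code.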

Install decision first Source: ClawHub Scanned: 1 day ago
Files 1
Artifacts 4
Violations 0
Findings 4
Most direct threat evidence
High Doc Mismatch
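Sensitive capabilities not declared in the Security Manifest

The skill claims support for 14 capabilities, including sensitive operations such as code-execution, web-search and scraping, but the Security Manifest declares only two permissions, Network and Env Read, which is a clear mismatch between declaration and behavior.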

SKILL.md:97

Why this conclusion was reached

1/4 dimensions flagged
Pass
Declared vs actual capability

Declared resources and inferred behavior are broadly aligned.

Review
Hidden execution and egress

4 lower-risk artifacts were extracted and still need context.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

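Documentation-behavior mismatch +20

Declares 14 capabilities including code-execution/scraping, but the Security Manifest declares only Network and Env Read

No verifiable code +15

Only SKILL.md is present, with no script files, so actual behavior cannot be verified

External domain dependency +10

All API calls point to the external domain solanaprox.com, with no open-source code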

Most important evidence

High Doc Mismatch

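Sensitive capabilities not declared in the Security Manifest

The skill claims support for 14 capabilities, including sensitive operations such as code-execution, web-search and scraping, but the Security Manifest declares only two permissions, Network and Env Read, which is a clear mismatch between declaration and behavior.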

SKILL.md:97
Sensitive capabilities such as code-execution and scraping should be explicitly declared in the Security Manifest
Medium Doc Mismatch

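External service dependency with no open-source verification

All functionality depends on the external domain solanaprox.com, and there is no GitHub repository or open-source code link, so it cannot be verified that actual behavior matches what is declared.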

SKILL.md:8
Provide open-source code or a trusted third-party audit report
Medium Priv Escalation

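Multi-Agent Orchestration may involve higher-privilege operations

Claims support for agent-orchestration, which may require executing code or accessing the filesystem, but this is not stated in the declaration.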

SKILL.md:88
Explicitly declare the specific permissions that agent-orchestration requires
Low Sensitive Access

Wallet address as the sole credential

Uses SOLANAPROX_WALLET_ADDRESS as the only authentication method, which could be used for user tracking.

SKILL.md:7
Assess whether additional privacy protections are needed

Declared capability vs actual capability

Network Pass
Declared READ
Inferred READ
SKILL.md:Security Manifest
Environment Pass
Declared READ
Inferred READ
SKILL.md:Security Manifest - SOLANAPROX_WALLET_ADDRESS
Network Pass
Declared NONE
Inferred READ
SKILL.md:Capabilities list mentions web-search, scraping
Shell Pass
Declared NONE
Inferred UNKNOWN
SKILL.md:Capabilities list mentions code-execution but not in Security Manifest
Filesystem Pass
Declared NONE
Inferred UNKNOWN
Unknown - no script files to verify

Suspicious artifacts and egress

Medium External URL
https://solanaprox.com

SKILL.md:8

Medium External URL
https://solanaprox.com/v1/messages

SKILL.md:57

Medium External URL
https://solanaprox.com/api/orchestrate

SKILL.md:92

Medium External URL
https://solanaprox.com/api/capabilities

SKILL.md:109

Dependencies and supply chain

There are no structured dependency warnings.

File composition

1 file · 121 lines
Markdown 1 file · 121 lines
Files of concern · 1
SKILL.md Markdown · 121 lines
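Sensitive capabilities not declared in the Security Manifest · External service dependency with no open-source verification · Multi-Agent Orchestration may involve higher-privilege operations · Wallet address as the sole credential · https://solanaprox.com · https://solanaprox.com/v1/messages · https://solanaprox.com/api/orchestrate · https://solanaprox.com/api/capabilities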

Security positives

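Well-structured documentation with a Security Manifest table
Operator information is declared (LPX Digital Group LLC)
Usage examples and SDK installation instructions are provided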