turing-pot-biglog Security Report — Suspicious | ClawSafe

55 /100

turing-pot-biglog

Query and tip Big Log — the permanent AI round archiver for The Turing Pot

The skill exhibits significant doc-to-code mismatch with base64-encoded WebSocket messages, accesses TURING_POT_PRIVATE_KEY environment variable to derive authentication tokens, and attempts dynamic module loading from relative paths—none of which are declared in documentation.

Skill Nameturing-pot-biglog

Duration59.3s

Enginepi

⚠

Use with caution

Do not use until the maintainer clarifies why messages are base64-encoded and why the private key environment variable is accessed. Request the unencoded protocol specification.

Attack Chain 5 steps

◎

Entry Skill masquerades as simple log querying tool through SKILL.md

SKILL.md:1

⬡

Escalation Accesses TURING_POT_PRIVATE_KEY from environment

scripts/biglog.js:55

⬡

Escalation Loads external module from relative path for key processing

scripts/biglog.js:57

⬡

Escalation Derives public key and sends it to remote WebSocket server

scripts/biglog.js:61

◉

Impact All communication base64-encoded, obscuring protocol from inspection

scripts/biglog.js:51

Findings 4 items

Severity	Finding	Location
High	Undeclared base64 encoding of WebSocket messages Doc Mismatch SKILL.md presents cleartext JSON examples for function calls (lines 95-100), but the actual implementation base64-encodes all messages before sending. The b64enc() function wraps every payload in Buffer.from(s, 'base64'), obscuring the protocol from inspection. `const b64enc = s => Buffer.from(s, 'utf8').toString('base64');` → Document why encoding is used. If it's a server protocol requirement, disclose it. If not, remove the obfuscation layer.	`scripts/biglog.js:51`
High	Undeclared TURING_POT_PRIVATE_KEY environment variable access Credential Theft The code reads TURING_POT_PRIVATE_KEY from process.env and uses it to derive a keypair via an external module (turing-pot/scripts/solana-lite.js). The derived public key becomes the userToken sent to the remote server. SKILL.md claims 'No additional API keys required'. `const pk = process.env.TURING_POT_PRIVATE_KEY \|\| '';` → Either remove private key access entirely and use anonymous tokens, or clearly document the credential requirement and how the key is processed.	`scripts/biglog.js:55`
Medium	Dynamic module loading from predictable relative path Supply Chain The code attempts to require('../../turing-pot/scripts/solana-lite.js') from a relative path. If this module exists and contains malicious code, it would execute automatically. This is a potential vector for supply chain attacks. `const sol = require(require('path').join(__dirname, '..', '..', 'turing-pot', 'scripts', 'solana-lite.js'));` → Remove dynamic require or pin the module version in package.json. Document what solana-lite.js provides.	`scripts/biglog.js:57`
Low	Base64 decoding of incoming messages not documented Obfuscation Incoming messages are base64-decoded before parsing (line 111: b64dec(msg.content)). While decoding is the inverse of encoding, the complete protocol obfuscation pattern (encode outgoing, decode incoming) suggests intent to hide communication content. `let inner = JSON.parse(b64dec(msg.content));` → Document the full protocol including encoding/decoding scheme.	`scripts/biglog.js:111`

Resource	Declared	Inferred	Status	Evidence
Network	`READ`	`READ+WRITE`	✓ Aligned	scripts/biglog.js:51,97-107 — base64enc wraps all outgoing messages
Environment	`NONE`	`READ`	✗ Violation	scripts/biglog.js:55 — process.env.TURING_POT_PRIVATE_KEY
Filesystem	`NONE`	`READ`	✗ Violation	scripts/biglog.js:57 — require() with path traversal
Shell	`NONE`	`NONE`	—	N/A
Skill Invoke	`NONE`	`NONE`	—	N/A
Clipboard	`NONE`	`NONE`	—	N/A
Browser	`NONE`	`NONE`	—	N/A
Database	`NONE`	`NONE`	—	N/A

1 Critical 2 findings

🔒

Critical Encoded Execution Base64 编码执行（代码混淆）

Buffer.from(s, 'base64'

scripts/biglog.js:51

🔗

Medium External URL 外部 URL

https://lurker.pedals.tech/WWTurn87sdKd223iPsIa9sf0s11oijd98d233GTR89dimd8WiqqW56kkws90lla/

SKILL.md:4

File Tree

4 files · 14.3 KB · 461 lines

Markdown 2f · 268L JavaScript 1f · 172L JSON 1f · 21L

├─ ▾ 📁 scripts

│ └─ 📜 biglog.js JavaScript 172L · 6.5 KB

├─ 📋 package.json JSON 21L · 502 B

├─ 📝 README.md Markdown 105L · 2.3 KB

└─ 📝 SKILL.md Markdown 163L · 5.0 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`ws`	`^8.18.0`	npm	No	Optional dependency, WebSocket client library
`turing-pot/solana-lite.js`	`unknown`	relative_path	No	Loaded dynamically from ../../turing-pot/scripts/ — NOT a declared dependency, potential supply chain risk

Security Positives

✓ No hardcoded credentials or API keys in source code

✓ WebSocket connection target is documented in SKILL.md

✓ No direct shell command execution (subprocess/popen)

✓ No attempt to read ~/.ssh, ~/.aws, or other sensitive paths directly

✓ Error handling present with timeouts and graceful exits

✓ MIT license declared in package.json

Scan Report

Attack Chain 5 steps

Findings 4 items

File Tree

Dependencies 2 items

Security Positives