Security Decision Report

security-defense-line

Skill contains hardcoded API key in payment.py and undeclared network access for billing integration. While no malicious behavior observed, the hardcoded credential represents significant supply chain risk.

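Install decision first · Source: manual upload · Scan time: 2026/4/4
Files: 10
IOCs: 22
Overreach items: 2
Findings: 3
Most direct threat evidence
High risk · Credential theft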
Hardcoded API Key in Source Code

A valid-looking API key is hardcoded directly in payment.py line 12. This is a supply chain security risk as the key could be extracted and abused.

payment.py:12

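Why this conclusion was reached

3 of 4 dimensions triggered
Block
Declared vs. actual capabilities

Found 2 capabilities or overreaching behaviors beyond what is declared.

Block
Hidden execution and outbound connections

Extracted 1 high-risk IOC or outbound-connection signal.

Block
Attack chain and high-risk findings

The report contains a 0-step attack chain, plus 1 high-risk or critical finding.

Review
Dependency and supply-chain hygiene

Found 1 dependency or supply-chain lead that needs attention.

How the risk score was raised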

Hardcoded API key in source code +25

BILLING_API_KEY hardcoded at payment.py:12 with value 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2'

Undeclared network access +15

payment.py makes HTTP requests to skillpay.me but network:READ is not declared in SKILL.md capability map

Documentation mismatch +5

SKILL.md mentions SkillPay but doesn't explicitly declare required network permissions

Key evidence

High risk · Credential theft

Hardcoded API Key in Source Code

A valid-looking API key is hardcoded directly in payment.py line 12. This is a supply chain security risk as the key could be extracted and abused.

payment.py:12
Move API key to environment variable: os.environ.get('SKILLPAY_API_KEY') or use a secrets manager
Medium risk · Documentation deception

Undeclared Network Access

The skill makes HTTP requests to external service skillpay.me but network access is not declared in SKILL.md capability declarations.

payment.py:26
Add network:READ and network:WRITE to declared capabilities if network access is required
Medium risk · Supply chain

Unpinned Dependencies

The skill uses requests library without version pinning. requests==2.31.0 is recommended.

payment.py:3
Pin requests to specific version: requests==2.31.0

Declared vs. actual capabilities

Filesystem · Pass
Declared: NONE
Inferred: NONE
No file operations found
Network access · Block
Declared: NONE
Inferred: READ
payment.py:26-45 makes HTTP requests to skillpay.me
Command execution · Pass
Declared: NONE
Inferred: NONE
SKILL.md shows bash examples but scripts use no shell:WRITE
Environment variables · Block
Declared: NONE
Inferred: READ
payment.py:60 reads SKILLPAY_USER_ID from os.environ

Suspicious artifacts and outbound connections

High risk · API key
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

Medium risk · External URL
https://suspicious-site.com

SKILL.md:106

Medium risk · External URL
https://skillpay.me

payment.py:11

Medium risk · External URL
https://swcregistry.io/

references/contract-auditing.md:238

Medium risk · External URL
https://consensys.github.io/smart-contract-best-practices/

references/contract-auditing.md:239

Medium risk · External URL
https://docs.openzeppelin.com/contracts/

references/contract-auditing.md:240

Medium risk · External URL
https://www.certora.com/

references/contract-auditing.md:241

Medium risk · External URL
https://swcregistry.io/docs/SWC-107

scripts/contract_auditor.py:160

Medium risk · External URL
https://consensys.github.io/smart-contract-best-practices/attacks/reentrancy/

scripts/contract_auditor.py:161

Medium risk · External URL
https://swcregistry.io/docs/SWC-104

scripts/contract_auditor.py:164

Medium risk · External URL
https://swcregistry.io/docs/SWC-115

scripts/contract_auditor.py:167

Medium risk · External URL
https://docs.soliditylang.org/en/v0.8.0/080-breaking-changes.html

scripts/contract_auditor.py:190

Dependencies and supply chain

Package · Version · Source · Vulnerabilities · Notes
requests · * · pip · Version not pinned, no known vulnerabilities

File composition

10 files · 2745 lines
Python: 7 files · 2081 lines
Markdown: 2 files · 645 lines
JSON: 1 file · 19 lines
Files needing attention · 8
scripts/phishing_detector.py Python · 339 lines
https://uniswap.org · https://uniswop.org · https://claim-free-tokens.xyz · https://ethereum.org
scripts/contract_auditor.py Python · 324 lines
https://swcregistry.io/docs/SWC-107 · https://consensys.github.io/smart-contract-best-practices/attacks/reentrancy/ · https://swcregistry.io/docs/SWC-104 · https://swcregistry.io/docs/SWC-115 · https://docs.soliditylang.org/en/v0.8.0/080-breaking-changes.html
scripts/tx_validator.py Python · 336 lines
0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D
scripts/multisig_manager.py Python · 327 lines
0x1111111111111111111111111111111111111111 · 0x2222222222222222222222222222222222222222 · 0x3333333333333333333333333333333333333333
scripts/wallet_guardian.py Python · 292 lines
0x0000000000000000000000000000000000000000 · 0xdead00000000000000000000000000000000dead
SKILL.md Markdown · 400 lines
https://suspicious-site.com
references/contract-auditing.md Markdown · 245 lines
https://swcregistry.io/ · https://consensys.github.io/smart-contract-best-practices/ · https://docs.openzeppelin.com/contracts/ · https://www.certora.com/
payment.py Python · 142 lines
Hardcoded API Key in Source Code · Undeclared Network Access · Unpinned Dependencies · API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" · https://skillpay.me
Other files · incident_responder.py · _meta.json

Security highlights

No credential harvesting from sensitive paths (~/.ssh, ~/.aws, .env)
No base64-encoded execution or obfuscation detected
No curl|bash remote script execution
No reverse shell attempts or C2 communication
No access to private keys or mnemonic phrases in actual code
Scripts are primarily mock implementations for security analysis
SKILL.md mentions payment integration transparently