Low risk: risk score 25/100
Last scan: 2 days ago
tronlink-skills
AI Agent skills for TronLink wallet - wallet management, token queries, DEX swap quotes, energy/bandwidth resource management, and TRX staking on the TRON network
A legitimate read-only TRON blockchain querying skill with no malicious behavior, but flagged for curl|sh installation patterns documented in README.
Skill name: tronlink-skills
Analysis time: 53.7s
Engine: pi
Verdict: safe to install
The skill is safe for read-only blockchain queries. Avoid the curl|sh installation pattern; clone the repo and run install.sh locally instead.

Security findings (3)

Severity | Finding | Location

Medium: curl|sh installation pattern documented
README.md documents the dangerous curl|sh pattern for installation. While the install.sh script itself is non-malicious (just git clone + symlinks), piping remote scripts to shell is inherently risky.
curl -sSL https://raw.githubusercontent.com/TronLink/tronlink-skills/main/install.sh | sh
→ Use local installation: git clone the repo, then run sh install.sh --local /path/to/repo
Location: README.md:16

Low: Non-standard Sun.io router domain
The Sun.io Smart Router API uses 'endjgfsv.link' domains instead of api.sun.io. While the code comments explain this is from the frontend bundle, the obfuscated domain is unusual for a major DEX.
const SUNIO_ROUTER_API = { mainnet: 'https://rot.endjgfsv.link', ... }
→ Verify this domain is legitimate Sun.io infrastructure before using swap commands
Location: scripts/tron_api.mjs:35

Info: Node.js subprocess in MCP server
mcp_server.mjs uses execFile to spawn node processes for tron_api.mjs commands. This is standard MCP architecture and is documented.
execFile('node', [TRON_API, ...args], { timeout: 30000 }, ...)
→ No action needed - this is expected MCP behavior
Location: scripts/mcp_server.mjs:183
Resource type | Declared permission | Inferred permission | Status | Evidence
File system | NONE | NONE | | All operations are HTTP API calls; no local file access in tron_api.mjs
Network access | READ | READ | ✓ consistent | Only GET/POST to public TronGrid, TronScan, CoinGecko APIs
Command execution | NONE | NONE | | mcp_server.mjs uses execFile only for spawning node process - necessary for MCP …
Environment variables | READ | READ | ✓ consistent | Reads TRONGRID_API_KEY, TRON_NETWORK - declared in docs
Skill invocation | WRITE | WRITE | ✓ consistent | Routes to sub-skills (tron-wallet, tron-token, etc.) - declared in SKILL.md
2 critical · 21 findings

💀 Critical | Dangerous shell command | curl -sSL https://raw.githubusercontent.com/TronLink/tronlink-skills/main/install.sh | sh | README.md:16
💀 Critical | Dangerous shell command | curl -sSL https://raw.githubusercontent.com/TronLink/tronlink-skills/main/uninstall.sh | sh | README.md:28
🔗 Medium | External URL | https://www.trongrid.io/dashboard | README.md:106
🔗 Medium | External URL | https://api.trongrid.io | README.md:120
🔗 Medium | External URL | https://api.shasta.trongrid.io | README.md:121
🔗 Medium | External URL | https://nile.trongrid.io | README.md:122
🔗 Medium | External URL | https://trongrid.io | SKILL.md:8
🔗 Medium | External URL | https://www.trongrid.io/dashboard. | docs/claude-integration-guide.md:207
🔗 Medium | External URL | https://nodejs.org | install.sh:271
🔗 Medium | External URL | https://paulmillr.com/funding/ | package-lock.json:55
🔗 Medium | External URL | https://www.buymeacoffee.com/ricmoo | package-lock.json:281
🔗 Medium | External URL | https://apilist.tronscanapi.com/api | scripts/tron_api.mjs:30
🔗 Medium | External URL | https://docs.sun.io/developers/swap/smart-router | scripts/tron_api.mjs:35
🔗 Medium | External URL | https://rot.endjgfsv.link | scripts/tron_api.mjs:37
🔗 Medium | External URL | https://tnrouter.endjgfsv.link | scripts/tron_api.mjs:38
🔗 Medium | External URL | https://api.coingecko.com/api/v3 | scripts/tron_api.mjs:43
🔗 Medium | External URL | https://tronscan.org/#/token20/$ | scripts/tron_api.mjs:594
🔗 Medium | External URL | https://sunswap.com | scripts/tron_api.mjs:766
🔗 Medium | External URL | https://tronscan.org/#/transaction/$ | scripts/tron_api.mjs:810
🔗 Medium | External URL | https://tronnrg.com | scripts/tron_api.mjs:909
🔗 Medium | External URL | https://justlend.org | scripts/tron_api.mjs:910

Directory structure

19 files · 150.7 KB · 4345 lines
JavaScript: 2 files · 1703 lines | Markdown: 11 files · 1432 lines | JSON: 3 files · 660 lines | Shell: 3 files · 550 lines
├─ 📁 docs
│ ├─ 📝 claude-integration-guide.md Markdown 210L · 6.7 KB
│ ├─ 🔧 integration-guide.sh Shell 61L · 2.9 KB
│ ├─ 📝 resource-model.md Markdown 93L · 3.5 KB
│ └─ 📝 staking-guide.md Markdown 115L · 3.9 KB
├─ 📁 scripts
│ ├─ 📜 mcp_server.mjs JavaScript 497L · 15.1 KB
│ └─ 📜 tron_api.mjs JavaScript 1206L · 45.6 KB
├─ 📁 skills
│ ├─ 📁 tron-market
│ │ └─ 📝 SKILL.md Markdown 116L · 3.2 KB
│ ├─ 📁 tron-resource
│ │ └─ 📝 SKILL.md Markdown 139L · 4.8 KB
│ ├─ 📁 tron-staking
│ │ └─ 📝 SKILL.md Markdown 100L · 3.6 KB
│ ├─ 📁 tron-swap
│ │ └─ 📝 SKILL.md Markdown 110L · 3.6 KB
│ ├─ 📁 tron-token
│ │ └─ 📝 SKILL.md Markdown 108L · 3.2 KB
│ └─ 📁 tron-wallet
│ └─ 📝 SKILL.md Markdown 119L · 3.8 KB
├─ 📋 _meta.json JSON 13L · 503 B
├─ 🔧 install.sh Shell 325L · 11.6 KB
├─ 📋 package-lock.json JSON 606L · 20.7 KB
├─ 📋 package.json JSON 41L · 1.3 KB
├─ 📝 README.md Markdown 203L · 6.0 KB
├─ 📝 SKILL.md Markdown 119L · 3.8 KB
└─ 🔧 uninstall.sh Shell 164L · 6.8 KB

Dependency analysis (1)

Package | Version | Source | Known vulnerabilities | Notes
none | N/A | native | | Zero external dependencies - uses only Node.js native modules (fetch, crypto, child_process)

Security highlights

✓ Zero npm dependencies - uses only native Node.js 18+ fetch and crypto
✓ No credential harvesting or exfiltration
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No base64-encoded payloads or eval() calls
✓ Read-only operations - no private key handling or transaction signing
✓ Uses only public blockchain APIs (TronGrid, TronScan, CoinGecko)
✓ Comprehensive SKILL.md documentation matches implementation
✓ Well-structured code with proper error handling