中文 EN

Scan Report

Scan New Files

High Risk — Risk Score 65/100
Last scan:23 hr ago Rescan
65 /100
Bounty Hunter Agent
AI Agent for DR. Wang Guopeng's side business automation - includes Soul.Markets AI services, ClawHub skill publishing, Jarvis-Invest trading system, and Personal CFO financial management
SKILL.md exposes multiple hardcoded credentials (DeepSeek API key, Soul marketplace key) in plaintext documentation, creating severe credential theft risk if this file is shared or accessed by unauthorized parties.
Skill NameBounty Hunter Agent
Duration31.1s
Enginepi
Do not install this skill
Remove all hardcoded credentials from SKILL.md. Store API keys in environment variables or a secure secrets manager. Use placeholder references like $DEEPSEEK_API_KEY instead of actual values. Never include live credentials in documentation that may be shared or published.

Attack Chain 4 steps

Escalation Attacker obtains SKILL.md through ClawHub publication, repo leak, or shared documentation
SKILL.md:1
Escalation Attacker extracts hardcoded DeepSeek API key from SKILL.md line 75
SKILL.md:75
Escalation Attacker extracts Soul marketplace key from SKILL.md line 26
SKILL.md:26
Impact Attacker abuses stolen API credentials for their own AI services or resells them
N/A

Findings 4 items

Severity Finding Location
Critical
Hardcoded DeepSeek API Key in Documentation Credential Theft
A valid DeepSeek API key (sk-5aa202974f284ecc9a82c95d9c7ca23e) is hardcoded in plaintext within SKILL.md. If this file is shared, published to ClawHub, or exposed in any way, the API key can be harvested and abused by threat actors.
DeepSeek API Key: `sk-5aa202974f284ecc9a82c95d9c7ca23e`
→ Remove the API key immediately. Use environment variable reference: ${DEEPSEEK_API_KEY} or document that users must set their own API key.
 SKILL.md:75
Critical
Hardcoded Soul Marketplace Key in Documentation Credential Theft
Soul marketplace authentication key is hardcoded in plaintext within SKILL.md, exposing the agent's marketplace credentials.
Soul Key: `soul_5ada62059ba0f801018634ad14aac894054116a189f1659c33e68544a12912aa`
→ Remove the Soul key from documentation. Use placeholder or document that this must be configured by the user.
 SKILL.md:26
Medium
No Declared Allowed-Tools Section Doc Mismatch
SKILL.md lacks an allowed-tools declaration, making it impossible to audit what resources this skill actually requires. This violates the expectation that SKILL.md should declare all permissions.
No allowed-tools declaration found
→ Add an allowed-tools section documenting the minimal permissions required (e.g., shell:NONE, filesystem:READ for logs directory).
 SKILL.md:1
Medium
References to Sensitive File Paths Sensitive Access
SKILL.md references ~/.openclaw/workspace paths that may contain sensitive data (wallet backups, logs). While not directly accessing these, documenting them increases the attack surface.
钱包备份: `~/.openclaw/workspace/bounty-hunter/wallet/gellycat-wallet.json`
→ Avoid documenting exact paths to sensitive files. Use generic references instead.
 SKILL.md:104
ResourceDeclaredInferredStatusEvidence
Filesystem NONE NONE No file operations in this documentation-only skill
Network NONE NONE No network calls defined; credentials are static references
Shell NONE NONE No shell commands in documentation
Environment NONE READ ✗ Violation References to env vars implied by configuration but not formally declared
1 Critical 3 findings
🔑
Critical API Key 硬编码 API 密钥
sk-5aa202974f284ecc9a82c95d9c7ca23e
SKILL.md:75
🔗
Medium External URL 外部 URL
https://soul.mds.markets/gellycat-adam-ai
SKILL.md:17
💰
Medium Wallet Address 加密货币钱包地址
0x9d90d0e0b951fe9a7bbdfc274259cd8110349fc0
SKILL.md:30

File Tree

1 files · 4.3 KB · 178 lines
Markdown 1f · 178L
└─ 📝 SKILL.md Markdown 178L · 4.3 KB

Security Positives

✓ No executable code present - purely documentation
✓ No shell commands or subprocess calls
✓ No network requests or data exfiltration patterns
✓ No obfuscation techniques observed
✓ No supply chain dependencies to audit