Skill Trust Decision

whale-alert-monitor

Hardcoded billing API key exposed in source code; payment.py makes undeclared external network calls to skillpay.me that are not mentioned in SKILL.md; all scripts use mock/simulated data with no real blockchain APIs called.

Source: Manual upload · Scanned: Apr 3, 2026
Files 11
Artifacts 24
Violations 3
Findings 6
Most direct threat evidence
High
Hardcoded billing API key in payment.py

BILLING_API_KEY is defined as a string literal on line 12 of payment.py and sent in the X-API-Key header to https://skillpay.me. Because payment.py ships inside the published skill bundle, anyone who installs or inspects the skill already holds the key and can replay it against the billing API for billing fraud, so the key should be treated as compromised. Secrets belong in the runtime environment, loaded when the skill starts, not in committed source.

payment.py:12

Why this conclusion was reached

3/4 dimensions flagged
Block
Declared vs actual capability

3 undeclared or violating capabilities were inferred.

Block
Hidden execution and egress

1 high-risk artifact or egress signal was extracted.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

2 dependency or supply-chain issues need attention.

What drove the risk score up

Hardcoded API key in source +15

BILLING_API_KEY = 'sk_f03aa8f8...' is hardcoded in payment.py:12 and sent to external skillpay.me

Undeclared external network calls +10

payment.py sends requests to https://skillpay.me/api/v1/billing/* — not declared in SKILL.md capabilities

SkillPay pricing not declared as a capability +5

SKILL.md describes the functionality but mentions the 0.01 USDT/call charge only in an inline comment, and declares neither network:WRITE nor environment access.

Mock-only data, no real APIs called -5

All scripts generate random simulated blockchain data; the Etherscan/Alchemy keys read from environment variables are never used, which lowers the actual risk

Most important evidence

High

Hardcoded billing API key in payment.py

Same finding as summarised under Most direct threat evidence above: a billing credential shipped in source, usable by anyone who holds the bundle.

payment.py:12
Load the key from the environment and fail fast when it is absent, e.g. BILLING_API_KEY = os.environ['SKILLPAY_API_KEY'] (a default of '' only turns a missing key into a failing request later). The exposed key itself should be rotated by its owner, since it has already been distributed with the bundle.
Medium

Undeclared external network calls in payment.py

SKILL.md declares network usage only for Telegram/Discord notifications. However, payment.py silently makes HTTP GET/POST requests to https://skillpay.me during verify_payment() and charge_user(). The skill payload (payment.py) is included in the published skill but its external network behavior is not documented.

payment.py:26
Document all external domains (skillpay.me) in SKILL.md. Add network:WRITE to declared capabilities. Alternatively, decouple billing from the skill runtime.
Medium

Silent payment enforcement on skill invocation

require_payment() in payment.py raises SystemExit when the balance is insufficient, so the skill refuses to run until the user has paid. This precondition is visible only as an inline comment in SKILL.md, not as a declared dependency, and it makes the skillpay.me billing service a hard runtime dependency of the skill.

payment.py:88
Document the payment requirement prominently in SKILL.md with a dedicated section, including the billing provider and pricing model.
Low

Environment variable access not declared

Multiple scripts read API keys and tokens from os.environ (ETHERSCAN_API_KEY, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, DISCORD_WEBHOOK_URL) but SKILL.md does not declare environment:READ as a capability.

whale_tracker.py:17
Add environment:READ to declared capabilities and list all required environment variables in SKILL.md.
Low

File write operations not declared

Scripts write to local files (whale_profile.json, alert_history.json, whale_monitor.log) but filesystem:WRITE is not declared in SKILL.md.

whale_tracker.py:231
Add filesystem:WRITE to declared capabilities if file writes are intentional at runtime.
Info

All scripts use mock/simulated data

No script makes actual Etherscan, Alchemy, or Moralis API calls. All data is generated via random number generation. The ETHERSCAN_API_KEY read from environment is never used. This reduces the real-world risk but raises questions about the skill's utility.

whale_tracker.py:67
Either implement real API integration or clearly label the scripts as demonstration/mock tools.

Declared capability vs actual capability

Area         Verdict  Declared  Inferred     Evidence
Network      Block    READ      READ+WRITE   payment.py:15 — requests.post to skillpay.me with API key
Environment  Block    NONE      READ         whale_tracker.py:17 — os.getenv('ETHERSCAN_API_KEY'); alert_manager.py:105 — os.getenv('TELEGRAM_BOT_TOKEN')
Filesystem   Block    NONE      READ+WRITE   whale_tracker.py:231 — open(filename,'w'); monitor_daemon.py:44 — logging.FileHandler
Shell        Pass     NONE      NONE         No subprocess or shell execution found
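The declared-vs-inferred comparison above, and the hardcoded-key finding earlier in the report, can both be reproduced with a small static pass over the bundle. The script below is an added example written for this page; it is not the scanner's or the skill's own code. It assumes a SKILL.md that lists capabilities as `- area:MODE` lines under `capabilities:` (the real manifest format may differ) and walks constructed stand-in sources with Python's `ast` module to infer network, environment, filesystem and shell use and to spot secret-looking literals assigned to KEY/TOKEN/SECRET names. The sample files are constructed to mirror the findings above and are not the real whale-alert-monitor sources.

```python
"""Declared-vs-actual capability inference for an agent skill (added example).

Assumptions: SKILL.md declares capabilities as `- area:MODE` list items; the
sources below are constructed stand-ins, not the real bundle.
"""
import ast
import re

SKILL_MD = """# whale-alert-monitor (constructed manifest)
capabilities:
  - network:READ
"""

SOURCES = {  # constructed stand-ins; reported line numbers are those of these strings
    "payment.py": '''
import requests
BILLING_API_KEY = "sk_0123456789abcdef0123456789abcdef"  # constructed, not a real key
BASE = "https://skillpay.me/api/v1/billing"

def charge_user(uid):
    return requests.post(BASE + "/charge", headers={"X-API-Key": BILLING_API_KEY}, json={"uid": uid})
''',
    "whale_tracker.py": '''
import os, json
ETHERSCAN_API_KEY = os.getenv("ETHERSCAN_API_KEY")

def save(profile):
    with open("whale_profile.json", "w") as fh:
        json.dump(profile, fh)
''',
}

CAP_LINE = re.compile(r"^\s*-\s*(\w+):(READ\+WRITE|READ|WRITE|EXEC)\s*$", re.M)
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD", re.I)
SECRET_VALUE = re.compile(r"^(sk_|ghp_|AKIA|xox[abp]-)[A-Za-z0-9_-]{16,}$")

# Call targets whose presence implies a capability the manifest must declare.
CALL_CAPS = {
    "requests.post": "network:WRITE", "requests.put": "network:WRITE",
    "requests.patch": "network:WRITE", "requests.delete": "network:WRITE",
    "requests.get": "network:READ", "requests.head": "network:READ",
    "os.getenv": "environment:READ", "os.environ.get": "environment:READ",
    "os.system": "shell:EXEC", "os.popen": "shell:EXEC", "eval": "shell:EXEC", "exec": "shell:EXEC",
}


def declared_capabilities(skill_md):
    """Expand 'network:READ+WRITE' style entries into atomic 'area:MODE' caps."""
    caps = set()
    for area, modes in CAP_LINE.findall(skill_md):
        caps.update(f"{area}:{m}" for m in modes.split("+"))
    return caps


def _call_name(node):
    """Dotted target of a call, e.g. 'requests.post', 'os.getenv' or 'open'."""
    parts, func = [], node.func
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if isinstance(func, ast.Name):
        parts.append(func.id)
    return ".".join(reversed(parts))


def _open_mode(call):
    """Mode string of an open() call, positional or keyword; 'r' when omitted."""
    mode = "r"
    if len(call.args) > 1 and isinstance(call.args[1], ast.Constant):
        mode = str(call.args[1].value)
    for kw in call.keywords:
        if kw.arg == "mode" and isinstance(kw.value, ast.Constant):
            mode = str(kw.value.value)
    return mode


def infer_capabilities(filename, source):
    """Return (inferred caps, evidence lines, hardcoded secrets) for one file."""
    caps, evidence, secrets = set(), [], []
    for node in ast.walk(ast.parse(source, filename)):
        loc = f"{filename}:{getattr(node, 'lineno', '?')}"
        if isinstance(node, ast.Call):
            name = _call_name(node)
            cap = CALL_CAPS.get(name)
            if name == "open":  # any of w/a/x/+ in the mode means the file is written
                cap = "filesystem:WRITE" if set(_open_mode(node)) & set("wax+") else "filesystem:READ"
            elif name.startswith("subprocess."):
                cap = "shell:EXEC"
            if cap:
                caps.add(cap)
                evidence.append(f"{loc} {name} -> {cap}")
        elif isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant) \
                and isinstance(node.value.value, str):
            # A secret-shaped literal bound to a KEY/TOKEN/SECRET name is a hardcoded credential.
            for target in node.targets:
                if isinstance(target, ast.Name) and SECRET_NAME.search(target.id) \
                        and SECRET_VALUE.match(node.value.value):
                    secrets.append(f"{loc} {target.id} = '{node.value.value[:8]}...'")
    return caps, evidence, secrets


def trust_decision(skill_md, sources):
    """Diff declared against inferred capabilities and return a Block/Pass verdict."""
    declared = declared_capabilities(skill_md)
    inferred, evidence, secrets = set(), [], []
    for filename, source in sources.items():
        c, e, s = infer_capabilities(filename, source)
        inferred |= c
        evidence += e
        secrets += s
    undeclared = inferred - declared
    return {"declared": declared, "inferred": inferred, "undeclared": undeclared,
            "evidence": evidence, "secrets": secrets,
            "verdict": "Block" if undeclared or secrets else "Pass"}
```

Running `trust_decision(SKILL_MD, SOURCES)` on the constructed inputs yields a Block verdict with `network:WRITE`, `environment:READ` and `filesystem:WRITE` undeclared and one hardcoded secret at payment.py:3, the same shape of result as the table above. The pass is deliberately syntactic: it sees only direct calls, so a skill that hides egress behind an alias or a dynamically imported module would need the dynamic egress check the report's "Hidden execution and egress" dimension covers.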

Suspicious artifacts and egress

High API Key
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

Medium Wallet Address
0x742d35Cc6634C0532925a3b8D4E6D3b6e8d3e8D3

SKILL.md:78

Medium Wallet Address
0x3f5CE5FBFe3E9af3971dD833D26bA9b5C936f0bE

SKILL.md:96

Medium Wallet Address
0x71660c4005BA85c37ccec55d0C4493E66Fe775d3

SKILL.md:101

Medium External URL
https://skillpay.me

payment.py:11

Medium External URL
https://api.etherscan.io/api

references/api-configuration.md:8

Medium External URL
https://eth-mainnet.g.alchemy.com/v2/

references/api-configuration.md:54

Medium External URL
https://deep-index.moralis.io/api/v2/

references/api-configuration.md:89

Medium External URL
https://eth-mainnet.g.alchemy.com/v2/KEY

references/api-configuration.md:112

Medium External URL
https://eth-mainnet.g.alchemy.com/v2/$

references/api-configuration.md:137

Medium External URL
https://etherscan.io

references/api-configuration.md:138

Medium External URL
https://bsc-dataseed.binance.org

references/api-configuration.md:142
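The artifact list above mixes three things that deserve different handling: a live credential, wallet addresses that may be payment destinations, and URLs, several of which (`/v2/KEY`, `/v2/$`) are documentation placeholders rather than endpoints the code can actually reach. The extractor below is an added example written for this page, not the scanner's code; it sweeps constructed stand-in files for those three artifact kinds, records file:line locations, marks placeholder URLs and payment-context addresses, and derives the set of concrete egress hosts. The key value and address in the sample files are constructed (the address is the well-known burn address), not the bundle's real values.

```python
"""Artifact and egress extraction over a skill bundle (added example).

The FILES mapping is a constructed stand-in for the bundle; nothing here is
read from disk or the network.
"""
import re
from urllib.parse import urlparse

FILES = {
    "payment.py": (
        "import requests\n"
        'API_KEY = "sk_00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff"  # constructed\n'
        'BASE_URL = "https://skillpay.me"\n'
    ),
    "SKILL.md": (
        "# Pricing\n"
        "Each call costs 0.01 USDT.\n"
        "Send deposits to 0x000000000000000000000000000000000000dEaD to top up.\n"
    ),
    "references/api-configuration.md": (
        "ETHERSCAN_URL = https://api.etherscan.io/api\n"
        "ALCHEMY_URL = https://eth-mainnet.g.alchemy.com/v2/KEY\n"
        "export RPC=https://arb-mainnet.g.alchemy.com/v2/$ALCHEMY_KEY\n"
    ),
}

# (severity, kind, pattern); severities follow the report's High/Medium/Low scale.
PATTERNS = [
    ("High", "API Key", re.compile(r"\bsk_[0-9a-f]{32,}\b")),
    ("Medium", "Wallet Address", re.compile(r"\b0x[0-9a-fA-F]{40}\b")),
    ("Medium", "External URL", re.compile(r"https?://[^\s\"'`<>()\[\]]+")),
]
# Heuristics: a URL holding a shell/template variable or a KEY-style path segment is
# a documentation placeholder; an address on a line with payment verbs is a destination.
PLACEHOLDER = re.compile(r"[$<{]|/(KEY|API_KEY|YOUR_[A-Z_]+)\b")
PAYMENT_WORDS = re.compile(r"\b(send|deposit|pay|top up|transfer)\b", re.I)
SEVERITY_ORDER = {"High": 0, "Medium": 1, "Low": 2}


def extract_artifacts(files):
    """Scan every line of every file and return artifacts sorted by severity, then location."""
    found = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for severity, kind, pattern in PATTERNS:
                for match in pattern.finditer(line):
                    value = match.group(0).rstrip(".,;:")
                    note = ""
                    if kind == "External URL" and PLACEHOLDER.search(value):
                        note = "placeholder from documentation, not a concrete endpoint"
                    elif kind == "Wallet Address" and PAYMENT_WORDS.search(line):
                        note = "named as a payment destination on this line"
                    found.append({"severity": severity, "kind": kind, "value": value,
                                  "location": f"{path}:{lineno}", "note": note})
    found.sort(key=lambda a: (SEVERITY_ORDER[a["severity"]], a["location"]))
    return found


def egress_hosts(artifacts):
    """Concrete external hosts the bundle can reach: non-placeholder URLs only."""
    return sorted({urlparse(a["value"]).hostname for a in artifacts
                   if a["kind"] == "External URL" and not a["note"]})
```

On the constructed bundle `egress_hosts` returns only `api.etherscan.io` and `skillpay.me`; the two Alchemy template URLs are kept in the artifact list but flagged as placeholders so they do not inflate the egress surface, which is the distinction an install decision actually needs.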

Dependencies and supply chain

Package   Version  Source  Known vuln  Notes
requests  *        pip     No          Version not pinned; used for billing and notification HTTP calls
pyyaml    *        pip     No          Version not pinned; used for config loading in monitor_daemon.py (confirm the config is parsed with yaml.safe_load rather than yaml.load)

File composition

11 files · 2441 lines
Python 7 files · 1864 lines · Markdown 3 files · 558 lines · JSON 1 file · 19 lines
Files of concern · 5
scripts/alert_manager.py Python · 303 lines
https://api.telegram.org/bot
SKILL.md Markdown · 287 lines
0x742d35Cc6634C0532925a3b8D4E6D3b6e8d3e8D3 · 0x3f5CE5FBFe3E9af3971dD833D26bA9b5C936f0bE · 0x71660c4005BA85c37ccec55d0C4493E66Fe775d3
payment.py Python · 142 lines
Hardcoded billing API key in payment.py · Undeclared external network calls in payment.py · Silent payment enforcement on skill invocation · API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" · https://skillpay.me
references/api-configuration.md Markdown · 181 lines
https://api.etherscan.io/api · https://eth-mainnet.g.alchemy.com/v2/ · https://deep-index.moralis.io/api/v2/ · https://eth-mainnet.g.alchemy.com/v2/KEY · https://eth-mainnet.g.alchemy.com/v2/$ · https://etherscan.io · https://bsc-dataseed.binance.org · https://bscscan.com · https://arb-mainnet.g.alchemy.com/v2/$ · https://arbiscan.io · https://opt-mainnet.g.alchemy.com/v2/$ · https://optimistic.etherscan.io
references/wallet-labels.md Markdown · 90 lines
0xdB3c617cDd2fBf0c8611C04A49d34C7B332e2BB6 · 0x5a52E96BAcdaBb82fd05763E25335261B270Efcb · 0x503828976D22510aad0201ac7EC88293211D23Da · 0x6b75d8AF000000e20B7a7DD000000090D0000000 · 0xf89d7b9c864f589bbF53f821d7EfC68c91d70958 · 0x2B6eD29a95753C3Ad948348e3e7b1A251039FBB9
Other files · exchange_flow.py · whale_tracker.py · transfer_monitor.py · holding_analyzer.py · monitor_daemon.py · _meta.json

Security positives

No subprocess, shell, or eval() execution found anywhere in the codebase
No credential harvesting from ~/.ssh, ~/.aws, or other sensitive paths
No base64-encoded payloads or obfuscated code
No curl|bash or wget|sh remote script execution
Notification channels (Telegram/Discord) use environment variables, not hardcoded tokens
No hidden instructions in HTML comments or documentation
Scripts are well-structured Python with clear logging