whale-alert-monitor 安全扫描报告 — 可疑 | ClawSafe

35 /100

whale-alert-monitor

Cryptocurrency whale wallet alert monitoring assistant — tracks large transfers, exchange flows, and whale positions

Hardcoded billing API key exposed in source code; payment.py makes undeclared external network calls to skillpay.me that are not mentioned in SKILL.md; all scripts use mock/simulated data with no real blockchain APIs called.

技能名称whale-alert-monitor

分析耗时75.7s

引擎pi

⚠

谨慎使用

Remove hardcoded BILLING_API_KEY from payment.py and use os.getenv('SKILLPAY_API_KEY') instead. Add network:WRITE to declared capabilities. Consider whether payment.py is actually invoked at skill runtime, since scripts use mock data.

安全发现 6 项

严重性	安全发现	位置
高危	Hardcoded billing API key in payment.py BILLING_API_KEY is defined as a string literal on line 12 of payment.py and transmitted in the X-API-Key header to https://skillpay.me. If this file is exposed (e.g., through skill publication, debugging, or a supply-chain attack), the key can be stolen and abused for billing fraud. This key is not pinned to an environment variable as best practice requires. `BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"` → Replace with: BILLING_API_KEY = os.getenv('SKILLPAY_API_KEY', '') and require the environment variable to be set.	`payment.py:12`
中危	Undeclared external network calls in payment.py SKILL.md declares network usage only for Telegram/Discord notifications. However, payment.py silently makes HTTP GET/POST requests to https://skillpay.me during verify_payment() and charge_user(). The skill payload (payment.py) is included in the published skill but its external network behavior is not documented. `resp = requests.get(f"{BILLING_API_URL}/api/v1/billing/balance", params={"user_id": user_id}, headers=HEADERS, timeout=10)` → Document all external domains (skillpay.me) in SKILL.md. Add network:WRITE to declared capabilities. Alternatively, decouple billing from the skill runtime.	`payment.py:26`
中危	Silent payment enforcement on skill invocation require_payment() in payment.py raises SystemExit if balance is insufficient. This means the skill refuses to function without payment, but this behavior is only visible as an inline comment in SKILL.md, not as a declared dependency or pre-condition. `raise SystemExit("Payment required")` → Document the payment requirement prominently in SKILL.md with a dedicated section, including the billing provider and pricing model.	`payment.py:88`
低危	Environment variable access not declared Multiple scripts read API keys and tokens from os.environ (ETHERSCAN_API_KEY, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, DISCORD_WEBHOOK_URL) but SKILL.md does not declare environment:READ as a capability. `self.api_key = os.getenv('ETHERSCAN_API_KEY')` → Add environment:READ to declared capabilities and list all required environment variables in SKILL.md.	`whale_tracker.py:17`
低危	File write operations not declared Scripts write to local files (whale_profile.json, alert_history.json, whale_monitor.log) but filesystem:WRITE is not declared in SKILL.md. `with open(filename, 'w') as f: json.dump(data, f, indent=2)` → Add filesystem:WRITE to declared capabilities if file writes are intentional at runtime.	`whale_tracker.py:231`
提示	All scripts use mock/simulated data No script makes actual Etherscan, Alchemy, or Moralis API calls. All data is generated via random number generation. The ETHERSCAN_API_KEY read from environment is never used. This reduces the real-world risk but raises questions about the skill's utility. `# 生成10-30笔交易; for i in range(random.randint(10, 30))` → Either implement real API integration or clearly label the scripts as demonstration/mock tools.	`whale_tracker.py:67`

资源类型	声明权限	推断权限	状态	证据
网络访问	`READ`	`READ+WRITE`	✗ 越权	payment.py:15 — requests.post to skillpay.me with API key
环境变量	`NONE`	`READ`	✗ 越权	whale_tracker.py:17 — os.getenv('ETHERSCAN_API_KEY'); alert_manager.py:105 — os.…
文件系统	`NONE`	`READ+WRITE`	✗ 越权	whale_tracker.py:231 — open(filename,'w'); monitor_daemon.py:44 — logging.FileHa…
命令执行	`NONE`	`NONE`	—	No subprocess or shell execution found

1 高危 24 项发现

🔑

高危 API 密钥疑似硬编码凭证

API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

💰

中危钱包地址加密货币钱包地址

0x742d35Cc6634C0532925a3b8D4E6D3b6e8d3e8D3

SKILL.md:78

💰

中危钱包地址加密货币钱包地址

0x3f5CE5FBFe3E9af3971dD833D26bA9b5C936f0bE

SKILL.md:96

💰

中危钱包地址加密货币钱包地址

0x71660c4005BA85c37ccec55d0C4493E66Fe775d3

SKILL.md:101

🔗

中危外部 URL 外部 URL

https://skillpay.me

payment.py:11

🔗

中危外部 URL 外部 URL

https://api.etherscan.io/api

references/api-configuration.md:8

🔗

中危外部 URL 外部 URL

https://eth-mainnet.g.alchemy.com/v2/

references/api-configuration.md:54

🔗

中危外部 URL 外部 URL

https://deep-index.moralis.io/api/v2/

references/api-configuration.md:89

🔗

中危外部 URL 外部 URL

https://eth-mainnet.g.alchemy.com/v2/KEY

references/api-configuration.md:112

🔗

中危外部 URL 外部 URL

https://eth-mainnet.g.alchemy.com/v2/$

references/api-configuration.md:137

🔗

中危外部 URL 外部 URL

https://etherscan.io

references/api-configuration.md:138

🔗

中危外部 URL 外部 URL

https://bsc-dataseed.binance.org

references/api-configuration.md:142

🔗

中危外部 URL 外部 URL

https://bscscan.com

references/api-configuration.md:143

🔗

中危外部 URL 外部 URL

https://arb-mainnet.g.alchemy.com/v2/$

references/api-configuration.md:147

🔗

中危外部 URL 外部 URL

https://arbiscan.io

references/api-configuration.md:148

🔗

中危外部 URL 外部 URL

https://opt-mainnet.g.alchemy.com/v2/$

references/api-configuration.md:152

🔗

中危外部 URL 外部 URL

https://optimistic.etherscan.io

references/api-configuration.md:153

💰

中危钱包地址加密货币钱包地址

0xdB3c617cDd2fBf0c8611C04A49d34C7B332e2BB6

references/wallet-labels.md:8

💰

中危钱包地址加密货币钱包地址

0x5a52E96BAcdaBb82fd05763E25335261B270Efcb

references/wallet-labels.md:9

💰

中危钱包地址加密货币钱包地址

0x503828976D22510aad0201ac7EC88293211D23Da

references/wallet-labels.md:15

💰

中危钱包地址加密货币钱包地址

0x6b75d8AF000000e20B7a7DD000000090D0000000

references/wallet-labels.md:20

💰

中危钱包地址加密货币钱包地址

0xf89d7b9c864f589bbF53f821d7EfC68c91d70958

references/wallet-labels.md:25

💰

中危钱包地址加密货币钱包地址

0x2B6eD29a95753C3Ad948348e3e7b1A251039FBB9

references/wallet-labels.md:30

🔗

中危外部 URL 外部 URL

https://api.telegram.org/bot

scripts/alert_manager.py:149

目录结构

11 文件 · 74.5 KB · 2441 行

Python 7f · 1864L Markdown 3f · 558L JSON 1f · 19L

├─ ▾ 📁 references

│ ├─ 📝 api-configuration.md Markdown 181L · 2.9 KB

│ └─ 📝 wallet-labels.md Markdown 90L · 1.5 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 alert_manager.py Python 303L · 9.9 KB

│ ├─ 🐍 exchange_flow.py Python 311L · 10.6 KB

│ ├─ 🐍 holding_analyzer.py Python 283L · 9.5 KB

│ ├─ 🐍 monitor_daemon.py Python 246L · 7.9 KB

│ ├─ 🐍 transfer_monitor.py Python 300L · 9.6 KB

│ └─ 🐍 whale_tracker.py Python 279L · 9.9 KB

├─ 📋 _meta.json JSON 19L · 440 B

├─ 🐍 payment.py Python 142L · 5.2 KB

└─ 📝 SKILL.md Markdown 287L · 6.9 KB

依赖分析 2 项

包名	版本	来源	已知漏洞	备注
`requests`	`*`	pip	否	Version not pinned; used for billing and notification HTTP calls
`pyyaml`	`*`	pip	否	Used for config loading in monitor_daemon.py

安全亮点

✓ No subprocess, shell, or eval() execution found anywhere in the codebase

✓ No credential harvesting from ~/.ssh, ~/.aws, or other sensitive paths

✓ No base64-encoded payloads or obfuscated code

✓ No curl|bash or wget|sh remote script execution

✓ Notification channels (Telegram/Discord) use environment variables, not hardcoded tokens

✓ No hidden instructions in HTML comments or documentation

✓ Scripts are well-structured Python with clear logging