dex-arbitrage 安全扫描报告 — 可疑 | ClawSafe

55 /100

dex-arbitrage

DEX搬砖套利助手 — DEX arbitrage assistant for finding cross-DEX price differences, calculating profits, and generating flash loan strategies

Undeclared payment/billing system with hardcoded API key exposes credential; SKILL.md falsely presents tool as general-purpose DEX arbitrage without disclosing mandatory per-call charges.

技能名称dex-arbitrage

分析耗时44.8s

引擎pi

⚠

谨慎使用

Remove hardcoded API key from source code (use environment variable instead); add explicit payment/billing disclosure to SKILL.md; audit data flows to skillpay.me endpoint.

安全发现 4 项

严重性	安全发现	位置
高危	Undeclared mandatory payment/billing system 文档欺骗 SKILL.md describes a free DEX arbitrage assistant but payment.py silently implements a mandatory billing system charging 0.01 USDT per invocation. Users are unaware they will be charged. The _meta.json declares pricing but SKILL.md never mentions it. `SkillPay Billing Integration / 自动集成付费验证功能` → Add prominent billing disclosure in SKILL.md including pricing (0.01 USDT/call), payment provider (skillpay.me), and required environment variables (SKILLPAY_USER_ID, SKILLPAY_API_KEY)	`payment.py:1`
高危	Hardcoded API key exposed in source code 凭证窃取 BILLING_API_KEY = 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2' is hardcoded at payment.py:12. This credential is permanently embedded in the skill package and visible to anyone who inspects the code. `BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"` → Move BILLING_API_KEY to an environment variable (SKILLPAY_API_KEY as noted in _meta.json), never hardcode credentials in source files	`payment.py:12`
中危	Missing allowed-tools declaration 文档欺骗 SKILL.md declares no allowed-tools. The skill performs network requests (to skillpay.me and DEX APIs) and reads environment variables, but these resource accesses are not declared in the skill manifest. `SKILL.md header has no allowed-tools section` → Add allowed-tools declaration to SKILL.md: network:READ for DEX API calls, environment:READ for SKILLPAY_USER_ID	`SKILL.md:1`
低危	User ID transmitted to external endpoint 数据外泄 verify_payment() reads SKILLPAY_USER_ID from environment and sends it to skillpay.me/api/v1/billing/* endpoints. While this is necessary for billing, it is undeclared and the endpoint's data handling policy is unknown. `user_id = os.environ.get("SKILLPAY_USER_ID", "anonymous_user")` → Document what data is sent to skillpay.me, provide privacy policy link, and consider making the endpoint configurable	`payment.py:99`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file writes in code; scripts are generators/calculators only
网络访问	`NONE`	`READ`	✗ 越权	payment.py:27-30 sends POST to skillpay.me; price_monitor.py:43-49 fetches DEX p…
命令执行	`NONE`	`NONE`	—	No subprocess/shell execution found
环境变量	`NONE`	`READ`	✗ 越权	payment.py:99 reads SKILLPAY_USER_ID from os.environ without declaration

1 高危 51 项发现

🔑

高危 API 密钥疑似硬编码凭证

API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

🔗

中危外部 URL 外部 URL

https://skillpay.me

payment.py:11

🔗

中危外部 URL 外部 URL

https://dexscreener.com/

references/arbitrage-tools.md:7

🔗

中危外部 URL 外部 URL

https://www.coingecko.com/

references/arbitrage-tools.md:25

🔗

中危外部 URL 外部 URL

https://api.coingecko.com/api/v3/simple/price?ids=

references/arbitrage-tools.md:32

🔗

中危外部 URL 外部 URL

https://portal.1inch.dev/

references/arbitrage-tools.md:47

🔗

中危外部 URL 外部 URL

https://api.1inch.dev/swap/v5.2/1/quote?

references/arbitrage-tools.md:58

🔗

中危外部 URL 外部 URL

https://eth.llamarpc.com

references/arbitrage-tools.md:99

🔗

中危外部 URL 外部 URL

https://api.0x.org/swap/v1/quote?

references/arbitrage-tools.md:144

🔗

中危外部 URL 外部 URL

https://li.quest/v1/quote

references/arbitrage-tools.md:163

🔗

中危外部 URL 外部 URL

https://socket.tech/

references/arbitrage-tools.md:177

🔗

中危外部 URL 外部 URL

https://across.to/

references/arbitrage-tools.md:186

🔗

中危外部 URL 外部 URL

https://protect.flashbots.net/

references/arbitrage-tools.md:215

🔗

中危外部 URL 外部 URL

https://rpc.flashbots.net

references/arbitrage-tools.md:225

🔗

中危外部 URL 外部 URL

https://www.edennetwork.io/

references/arbitrage-tools.md:230

🔗

中危外部 URL 外部 URL

https://api.edennetwork.io/v1/rpc

references/arbitrage-tools.md:234

🔗

中危外部 URL 外部 URL

https://cowswap.exchange/

references/arbitrage-tools.md:244

🔗

中危外部 URL 外部 URL

https://dune.com/

references/arbitrage-tools.md:271

🔗

中危外部 URL 外部 URL

https://eigenphi.io/

references/arbitrage-tools.md:285

🔗

中危外部 URL 外部 URL

https://explorer.flashbots.net/

references/arbitrage-tools.md:294

🔗

中危外部 URL 外部 URL

https://tenderly.co/

references/arbitrage-tools.md:303

🔗

中危外部 URL 外部 URL

https://book.getfoundry.sh/

references/arbitrage-tools.md:328

🔗

中危外部 URL 外部 URL

https://hardhat.org/

references/arbitrage-tools.md:353

🔗

中危外部 URL 外部 URL

https://zapper.fi/

references/arbitrage-tools.md:388

🔗

中危外部 URL 外部 URL

https://debank.com/

references/arbitrage-tools.md:397

🔗

中危外部 URL 外部 URL

https://www.alchemy.com/

references/arbitrage-tools.md:409

🔗

中危外部 URL 外部 URL

https://infura.io/

references/arbitrage-tools.md:414

🔗

中危外部 URL 外部 URL

https://www.quicknode.com/

references/arbitrage-tools.md:419

🔗

中危外部 URL 外部 URL

https://rpc.ankr.com/eth

references/arbitrage-tools.md:428

🔗

中危外部 URL 外部 URL

https://ethereum.publicnode.com

references/arbitrage-tools.md:429

🔗

中危外部 URL 外部 URL

https://arb1.arbitrum.io/rpc

references/arbitrage-tools.md:432

🔗

中危外部 URL 外部 URL

https://arbitrum.llamarpc.com

references/arbitrage-tools.md:433

🔗

中危外部 URL 外部 URL

https://chainlist.org/

references/arbitrage-tools.md:436

🔗

中危外部 URL 外部 URL

https://docs.uniswap.org/

references/arbitrage-tools.md:443

🔗

中危外部 URL 外部 URL

https://docs.flashbots.net/

references/arbitrage-tools.md:444

🔗

中危外部 URL 外部 URL

https://docs.ethers.org/

references/arbitrage-tools.md:445

🔗

中危外部 URL 外部 URL

https://explore.flashbots.net/

references/arbitrage-tools.md:455

🔗

中危外部 URL 外部 URL

https://writings.flashbots.net/

references/arbitrage-tools.md:457

🔗

中危外部 URL 外部 URL

https://relay.flashbots.net

references/mev-protection.md:100

🔗

中危外部 URL 外部 URL

https://protect.flashbots.net/v1/rpc

references/mev-protection.md:218

🔗

中危外部 URL 外部 URL

https://rpc.mevblocker.io

references/mev-protection.md:242

🔗

中危外部 URL 外部 URL

https://cowswap.exchange

references/mev-protection.md:255

💰

中危钱包地址加密货币钱包地址

0x2f39d218133AFaB8F2B819B1066c7E434Ad94E9e

scripts/flashloan_generator.py:430

💰

中危钱包地址加密货币钱包地址

0xE592427A0AEce92De3Edee1F18E0157C05861564

scripts/flashloan_generator.py:431

💰

中危钱包地址加密货币钱包地址

0xd9e1cE17f2641f24aE83637ab66a2cca9C378B9F

scripts/flashloan_generator.py:432

💰

中危钱包地址加密货币钱包地址

0xBA12222222228d8Ba445958a75a0704d566BF2C8

scripts/flashloan_generator.py:433

💰

中危钱包地址加密货币钱包地址

0xa97684ead0e402dC232d5A977953DF7ECBaB3CDb

scripts/flashloan_generator.py:436

💰

中危钱包地址加密货币钱包地址

0x1b02dA8Cb0d097eB8D57A175b88c7D8b47997506

scripts/flashloan_generator.py:438

🔗

中危外部 URL 外部 URL

https://api.thegraph.com/subgraphs/name/uniswap/uniswap-v3

scripts/price_monitor.py:43

🔗

中危外部 URL 外部 URL

https://api.thegraph.com/subgraphs/name/sushiswap/exchange

scripts/price_monitor.py:46

🔗

中危外部 URL 外部 URL

https://api.curve.fi/api/getPools

scripts/price_monitor.py:49

目录结构

11 文件 · 86.3 KB · 3911 行

Markdown 6f · 2517L Python 4f · 1375L JSON 1f · 19L

├─ ▾ 📁 references

│ ├─ 📝 arbitrage-basics.md Markdown 351L · 5.0 KB

│ ├─ 📝 arbitrage-tools.md Markdown 461L · 7.2 KB

│ ├─ 📝 bridge-guide.md Markdown 323L · 5.1 KB

│ ├─ 📝 flashloan-arbitrage.md Markdown 430L · 8.8 KB

│ └─ 📝 mev-protection.md Markdown 410L · 6.9 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 arbitrage_calculator.py Python 395L · 11.7 KB

│ ├─ 🐍 flashloan_generator.py Python 545L · 16.6 KB

│ └─ 🐍 price_monitor.py Python 293L · 9.6 KB

├─ 📋 _meta.json JSON 19L · 434 B

├─ 🐍 payment.py Python 142L · 5.2 KB

└─ 📝 SKILL.md Markdown 542L · 9.8 KB

安全亮点

✓ No reverse shell, C2 infrastructure, or remote code execution patterns found

✓ Python scripts are calculation/generation utilities — no direct wallet draining code

✓ flashloan_generator.py generates Solidity contract templates, not malicious contracts

✓ No base64 obfuscation, eval chains, or anti-analysis techniques detected

✓ No access to ~/.ssh, ~/.aws, .env, or other sensitive filesystem paths

✓ No cron/persistence mechanisms or startup hooks present

✓ DEX price APIs (CoinGecko, 1inch, The Graph) are legitimate and relevant to stated purpose