Low Risk — Risk Score 25/100
Last scan: 23 hr ago
crypto-news
Crypto flash-news fetching and filtering skill; concurrently fetches the latest flash news from the BlockBeats official open API.
Skill is a legitimate crypto news fetcher but has significant doc-to-code mismatch: push-news.js and send-feishu.js with hardcoded gateway tokens and message-sending behavior are entirely undeclared in SKILL.md.
Skill Name: crypto-news
Duration: 43.8s
Engine: pi
Verdict: Safe to install
Recommendation: Document the full skill surface including push-news.js, the gateway token mechanism, and the Feishu messaging capability. Avoid hardcoding credentials; use environment variables instead.

Findings: 4 items

Each finding lists Severity, Finding (Category), Location, evidence and a recommendation.
Medium: Undeclared messaging capability with hardcoded gateway token (Doc Mismatch)
Location: push-news.js:9
SKILL.md only describes new.js for news fetching. Both push-news.js and send-feishu.js contain a hardcoded GATEWAY_TOKEN ('30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519') and POST messages to http://127.0.0.1:18789/tools/invoke. This outbound messaging capability is entirely absent from the documentation.
    const GATEWAY_TOKEN = '30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519';
→ Document the messaging/push functionality in SKILL.md. Move credentials to environment variables.
Medium: Undeclared shell execution via execSync (Doc Mismatch)
Location: push-news.js:38
push-news.js uses execSync to invoke new.js. While the subprocess call itself is for a legitimate internal script, this shell:WRITE capability is not declared anywhere in SKILL.md.
    const result = execSync(`node "${scriptPath}" "${keyword}" ${count} ${maxChars}`, { encoding: 'utf-8', timeout: 30000 });
→ Document that push-news.js invokes new.js via subprocess. This makes the shell:WRITE capability explicit.
Low: Hardcoded credentials not in environment variables (Credential Theft)
Location: push-news.js:9
GATEWAY_TOKEN, ACCOUNT_ID, and DEFAULT_TARGET are hardcoded as string literals in push-news.js and send-feishu.js. These should be sourced from environment variables to avoid accidental exposure. A token that has already shipped inside the distributed skill files should be treated as disclosed and rotated, not only relocated.
    const GATEWAY_TOKEN = '30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519';
→ Replace hardcoded credentials with process.env.GATEWAY_TOKEN and similar environment variable lookups.
Low: Undeclared filesystem:WRITE (cache file write) (Priv Escalation)
Location: push-news.js:30
push-news.js writes to .sent-news.json in the skill directory. SKILL.md only describes read operations (fetching news via API). The local cache write is a filesystem:WRITE operation not declared in the documentation.
    fs.writeFileSync(SENT_CACHE_FILE, JSON.stringify(...));
→ Document that this skill maintains a local cache of sent news IDs for deduplication.
Resource   | Declared | Inferred | Status      | Evidence
Filesystem | READ     | READ     | ✓ Aligned   | new.js reads API response; push-news.js reads .sent-news.json
Filesystem | NONE     | WRITE    | ✓ Aligned   | push-news.js writes .sent-news.json; not declared in SKILL.md
Network    | READ     | READ     | ✓ Aligned   | new.js fetches BlockBeats API (GET); documented in SKILL.md
Network    | NONE     | WRITE    | ✗ Violation | push-news.js POSTs to gateway; send-feishu.js POSTs to gateway; SKILL.md declare…
Shell      | NONE     | WRITE    | ✗ Violation | push-news.js uses execSync (line 38); not declared in SKILL.md
19 findings (Medium): External URL references

File Tree

7 files · 20.6 KB · 690 lines
JavaScript: 3 files, 540 lines · Markdown: 1 file, 92 lines · JSON: 3 files, 58 lines
├─ 📋 .sent-news.json JSON 20L · 842 B
├─ 📜 new.js JavaScript 264L · 7.5 KB
├─ 📋 package-lock.json JSON 33L · 760 B
├─ 📋 package.json JSON 5L · 48 B
├─ 📜 push-news.js JavaScript 224L · 6.3 KB
├─ 📜 send-feishu.js JavaScript 52L · 1.3 KB
└─ 📝 SKILL.md Markdown 92L · 3.8 KB

Dependencies: 1 item

Package | Version | Source | Known Vulns | Notes
ws      | ^8.19.0 | npm    | No          | Well-known WebSocket library; version range is slightly broad but acceptable

Security Positives

✓ No base64-encoded strings or obfuscated code found
✓ No credential harvesting (no iteration over os.environ for secrets)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No curl|bash or wget|sh remote script execution
✓ No reverse shell, C2 communication, or data exfiltration to external IPs
✓ No eval(), new Function(), or dynamic code execution
✓ Dependency (ws) is a well-known, widely-used legitimate package
✓ new.js is a clean, straightforward news fetcher that matches its documentation