Low Risk — Risk Score 15/100
Last scan: 22 hr ago
mercury
Mercury bank API skill for Digital 4 Jesus LLC — balance checks, invoices, AR management, and money transfers via Mercury Bank API
A legitimate Mercury Bank API wrapper for a named business entity with properly declared capabilities, credential storage, and network access. No hidden functionality or malicious indicators detected.
Skill Name: mercury
Duration: 37.3s
Engine: pi
Safe to install
Skill is safe for use. No action required. Consider pinning python3 to a specific version in the script if stricter supply-chain posture is desired.

Findings (2 items)

Severity: Low
Finding: Unpinned python3 dependency
Category: Supply Chain
Location: scripts/mercury.sh:41

scripts/mercury.sh invokes python3 without a version constraint, so whichever python3 binary is first on PATH is used, whatever its 3.x version. Because the only use is the standard-library json.tool module, behaviour differences between 3.x releases are minor; the practical exposure is that whatever interpreter PATH resolves to receives the raw API response on stdin.

    curl -s --user "$TOKEN:" -X "$method" "${BASE}${path}" | python3 -m json.tool

→ Consider pinning to a specific version (e.g., python3.11) or ensure the python3 symlink is controlled in the deployment environment. Low risk for a bash wrapper script.

Severity: Info
Finding: Credentials file path declared in documentation
Category: Sensitive Access
Location: SKILL.md:10

The skill explicitly documents the credential storage location (~/.secrets/mercury.env) in SKILL.md. While this is a standard secure pattern, it makes the credential path discoverable if SKILL.md is exposed.

    Credentials at `~/.secrets/mercury.env`

→ This is acceptable and follows best practice (keeping credentials out of the repo). No action needed.
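Both findings above reduce to preflight checks the wrapper could make before it sources ~/.secrets/mercury.env and calls curl: refuse a credentials file that is group- or world-readable (a documented path is only a problem when the file's mode is loose), require a minimum python3 version, and refuse any request path that could steer the call off api.mercury.com. The following is an added example written for this report; it is not code from scripts/mercury.sh or from Mercury. It assumes a minimum Python of 3.11 (the version the finding suggests), the TOKEN and BASE variable names shown in the finding's code line, and the hypothetical helper names version_ge, secrets_perms_ok, mercury_url, mercury_api and preflight. Passing the token to curl through a config file on stdin (-K -) instead of --user is a substitution made here, not the script's own approach.

```shell
#!/bin/sh
# Added example for this report, not code from scripts/mercury.sh or Mercury:
# preflight checks a sh/bash API wrapper can run before it sources the
# credentials file and calls curl. Assumed: MIN_PYTHON, the helper names
# below, and the TOKEN / BASE variable names from the finding's code line.

readonly BASE="https://api.mercury.com/api/v1"     # host declared in SKILL.md
readonly SECRETS="${HOME:-}/.secrets/mercury.env"  # path declared in SKILL.md
readonly MIN_PYTHON="3.11"                          # assumed floor, per the finding

# version_ge HAVE WANT: succeed when dotted version HAVE >= WANT. Missing
# components count as 0 and pre-release suffixes ("0rc1") are ignored.
version_ge() {
    IFS=. read -r h1 h2 h3 <<EOF
$1
EOF
    IFS=. read -r w1 w2 w3 <<EOF
$2
EOF
    h1=${h1%%[!0-9]*}; h2=${h2%%[!0-9]*}; h3=${h3%%[!0-9]*}
    w1=${w1%%[!0-9]*}; w2=${w2%%[!0-9]*}; w3=${w3%%[!0-9]*}
    h1=${h1:-0}; h2=${h2:-0}; h3=${h3:-0}
    w1=${w1:-0}; w2=${w2:-0}; w3=${w3:-0}
    [ "$h1" -gt "$w1" ] && return 0
    [ "$h1" -lt "$w1" ] && return 1
    [ "$h2" -gt "$w2" ] && return 0
    [ "$h2" -lt "$w2" ] && return 1
    [ "$h3" -ge "$w3" ]
}

# secrets_perms_ok FILE: succeed only if FILE is a regular file with no
# group/other permission bits (mode 600 or 400). Reads columns 5-10 of
# `ls -ld` so it works on GNU and BSD userlands; a symlinked credentials
# file shows lrwxrwxrwx and is rejected as well.
secrets_perms_ok() {
    [ -f "$1" ] || return 1
    bits=$(ls -ld "$1" | cut -c5-10)
    [ "$bits" = "------" ]
}

# mercury_url PATH: print BASE+PATH, refusing anything that could steer the
# request off api.mercury.com: absolute URLs, scheme-relative //host,
# user@host forms, or .. traversal out of /api/v1. Prints nothing on refusal.
mercury_url() {
    case "$1" in
        /*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        //*|*://*|*@*|*..*) return 1 ;;
    esac
    printf '%s%s\n' "$BASE" "$1"
}

# mercury_api METHOD PATH: one authenticated call. The token is handed to
# curl as a config file on stdin (-K -) rather than via --user on the command
# line, so it does not appear in `ps` output. Only reached after preflight.
mercury_api() {
    url=$(mercury_url "$2") || { echo "refusing path: $2" >&2; return 1; }
    printf 'user = "%s:"\n' "$TOKEN" |
        curl -sS --fail -K - -X "$1" "$url" | python3 -m json.tool
}

# preflight: run every check, then source the credentials file and confirm
# that it actually provided TOKEN.
preflight() {
    secrets_perms_ok "$SECRETS" || { echo "refusing $SECRETS: chmod 600 it first" >&2; return 1; }
    pyver=$(python3 --version 2>&1) || { echo "python3 not found on PATH" >&2; return 1; }
    pyver=${pyver#Python }
    version_ge "$pyver" "$MIN_PYTHON" || { echo "python3 $pyver is older than $MIN_PYTHON" >&2; return 1; }
    # shellcheck disable=SC1090
    . "$SECRETS"
    [ -n "${TOKEN:-}" ] || { echo "TOKEN is not set in $SECRETS" >&2; return 1; }
}

# Usage: sh preflight.sh --call GET /<path from references/api.md>
if [ "${1:-}" = "--call" ]; then
    preflight && mercury_api "$2" "$3"
fi
```

The permission check is what gives the Info finding its teeth: the documented path is harmless as long as the file is mode 600, so the wrapper refuses to run when it is not. The version check reads the interpreter that PATH actually resolves to, which is the thing the Low finding is really about, and mercury_url makes the "single legitimate endpoint" property in the positives list a runtime guarantee rather than a documentation claim.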
Resource      Declared  Inferred  Status     Evidence
Filesystem    NONE      READ      ✓ Aligned  scripts/mercury.sh:16 — reads ~/.secrets/mercury.env (declared in SKILL.md)
Network       READ      READ      ✓ Aligned  SKILL.md:16-17 — api.mercury.com declared; script makes HTTP calls via curl
Shell         WRITE     WRITE     ✓ Aligned  SKILL.md:21-29 — bash commands shown; scripts/mercury.sh runs external commands (curl, python3)
Environment   NONE      READ      ✓ Aligned  scripts/mercury.sh:16 — sources $HOME/.secrets/mercury.env only
Skill Invoke  NONE      NONE                 No cross-skill invocation detected
Clipboard     NONE      NONE                 No clipboard access detected
Browser       NONE      NONE                 No browser usage detected
Database      NONE      NONE                 No database access detected
4 findings

Severity  Type          Value                               Location
Medium    External URL  https://api.mercury.com/api/v1      SKILL.md:16
Medium    External URL  https://api.mercury.com/api/v1/ar   SKILL.md:17
Medium    External URL  https://api.mercury.com/api/v1/...  references/api.md:7
Info      Email         [email protected]                    references/api.md:122

File Tree

3 files · 10.7 KB · 370 lines
Markdown: 2 files · 205 lines; Shell: 1 file · 165 lines
├─ 📁 references
│ └─ 📝 api.md Markdown 143L · 3.9 KB
├─ 📁 scripts
│ └─ 🔧 mercury.sh Shell 165L · 4.6 KB
└─ 📝 SKILL.md Markdown 62L · 2.2 KB

Dependencies (1 item)

Package  Version  Source  Known Vulns  Notes
python3  *        system  No           No version pinning; used via -m json.tool for output formatting

Security Positives

✓ All network requests go to a single legitimate endpoint (api.mercury.com), no arbitrary IP or domain access
✓ No base64, obfuscation, or anti-analysis techniques detected
✓ No credential exfiltration or data theft behavior
✓ No remote script execution (curl|bash, wget|sh) detected
✓ All shell operations are declared in SKILL.md and necessary for the banking API feature
✓ API token is scoped to a single service (Mercury Bank) with no broader environment variable enumeration
✓ No ~/.ssh, ~/.aws, .env iteration or sensitive path scanning beyond the declared credentials file
✓ SKILL.md and references/api.md are consistent with scripts/mercury.sh behavior — no doc-to-code mismatch
✓ MIT license declared; skill is transparently documented