by 安全扫描
OpenClaw
可疑
medium confidenceNULL
评估建议
This skill implements expected NFT operations and legitimately needs a signing key and account to perform writes — but it fails to declare those requirements in its manifest or document them clearly. Before installing or providing credentials: (1) Ask the author to update skill.json and SKILL.md to list required env vars (XPR_PRIVATE_KEY, XPR_ACCOUNT, XPR_RPC_ENDPOINT) and explain the required permission level. (2) Prefer using a restricted or ephemeral key (and least-privilege permission) or an...详细分析 ▾
ℹ 用途与能力
Functionality (create/mint/transfer/burn NFTs on XPR) matches the skill name and description. Requiring a private key, account, and RPC endpoint for write operations is expected for signing transactions. However, the skill.json declares no required env vars while the implementation demands XPR_PRIVATE_KEY, XPR_ACCOUNT, and XPR_RPC_ENDPOINT at runtime — an inconsistency between claimed requirements and actual needs.
✓ 指令范围
SKILL.md stays within NFT lifecycle responsibilities (create templates, mint, list, auction, transfer, burn) and calls out IPFS usage and safety rules (e.g., avoid A2A messages). It instructs auto-transfer on delivery and to always mint to the agent's own account first — these are within scope. The doc does not ask the agent to read unrelated files or exfiltrate data.
ℹ 安装机制
There is no install spec (instruction-only), reducing install-time risk. However, the runtime code dynamically imports '@proton/js' for signing; dependencies are not declared in metadata. That means the runtime environment must provide this package or the skill will fail, and it's unclear what node packages will be required when this skill is loaded.
⚠ 凭证需求
The source code requires sensitive env vars (XPR_PRIVATE_KEY, XPR_ACCOUNT, XPR_RPC_ENDPOINT) for write operations. These are proportionate to NFT signing/transactions, but the skill's manifest (skill.json) lists no required env vars and SKILL.md does not document them — creating a mismatch that could cause users to accidentally provide secrets without proper warning. No alternative signing options (e.g., external signer or ephemeral keys) are documented.
✓ 持久化与权限
The skill does not request always:true and is user-invocable only; it doesn't modify other skills or system-wide settings based on the provided files. Autonomous invocation is allowed (platform default) but not combined with any other high privilege here.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.2.112026/2/14
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install xpr-nft
镜像加速npx clawhub@latest install xpr-nft --registry https://cn.longxiaskill.com