← Back to Scanner

crypto-portfolio-tracker Security Audit Report

🔭 Continuously monitored by ClawSecure Watchtower
Source:
SHA-256:

crypto-portfolio-tracker is an AI agent skill, created by crypto-tools-pro. ClawSecure audited crypto-portfolio-tracker through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 52 findings concentrate in Supply Chain, Malicious Code and Data Exfiltration, including Pattern detected: base64.b64encode and Pattern detected: base64.b64encode. 35 were rated high or critical severity.

Is crypto-portfolio-tracker safe?

ClawSecure audited crypto-portfolio-tracker and assigned a security score of 0/100 (High Risk), identifying 52 findings across Supply Chain and Malicious Code. Review the findings below before installing.

What did ClawSecure find in crypto-portfolio-tracker?

ClawSecure identified 52 findings in crypto-portfolio-tracker, concentrated in Supply Chain, Malicious Code and Data Exfiltration. 35 were rated high or critical severity. The most severe include Pattern detected: base64.b64encode and Pattern detected: base64.b64encode.

How was crypto-portfolio-tracker audited?

ClawSecure ran crypto-portfolio-tracker through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage.

What does a score of 0 mean?

ClawSecure assigned crypto-portfolio-tracker a security score of 0/100, placing it in the High Risk range. This is driven by 52 findings led by Supply Chain that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).

Audit Findings for crypto-portfolio-tracker

ClawSecure detected 52 security findings in crypto-portfolio-tracker, spanning Supply Chain, Malicious Code, Data Exfiltration and Cve.

Showing the 12 highest-severity of 52 findings. The full interactive list appears below.

3-Layer Audit Protocol

Security Recommendations for crypto-portfolio-tracker

Update and pin dependencies
crypto-portfolio-tracker depends on packages with supply-chain risk. Pin every dependency to an exact version, update packages with known CVEs to patched releases, and re-audit after each change. ClawSecure checks every dependency against known CVE databases.
Audit external network connections
crypto-portfolio-tracker connects to external endpoints. Verify every outbound connection goes to a trusted destination. Unauthorized callbacks are a primary indicator of ClawHavoc malware and data exfiltration. ClawSecure's proprietary engine monitors for known malicious endpoints including C2 infrastructure.
Investigate prompt injection vectors
Prompt injection is one of the most critical threats to AI agents. Attackers can embed malicious instructions in content the agent processes, causing unintended actions. Review every point where crypto-portfolio-tracker processes external content and add input validation and output filtering.

Related Security Research

AI Agent Supply Chain Attacks: How Dependencies Become WeaponsBeyond Static Scans: Why ClawSecure Verifies Agentic Intent

Related AI Agent Security Audits

openclaw-master-skillsScore 0/100openclaw-master-skillsScore 0/100tiktok-app-marketingScore 0/100clawsec-suiteScore 0/100yahoo-finance-m16opScore 0/100

Scanned on February 6, 2026. crypto-portfolio-tracker is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.

Start Your Free Scan