← Back to Scanner

crypto-portfolio-tracker Security Audit Report

🔭 Continuously monitored by ClawSecure Watchtower
Source:
SHA-256:

crypto-portfolio-tracker is an AI agent skill, created by crypto-tools-pro. ClawSecure audited crypto-portfolio-tracker through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 54 findings concentrate in Supply Chain, Malicious Code and Data Exfiltration, including Base64 Obfuscated Payload and Base64 Obfuscated Payload. 37 were rated high or critical severity.

Is crypto-portfolio-tracker safe?

ClawSecure audited crypto-portfolio-tracker and assigned a security score of 0/100 (High Risk), identifying 54 findings across Supply Chain and Malicious Code. Review the findings below before installing.

What did ClawSecure find in crypto-portfolio-tracker?

ClawSecure identified 54 findings in crypto-portfolio-tracker, concentrated in Supply Chain, Malicious Code and Data Exfiltration. 37 were rated high or critical severity. The most severe include Base64 Obfuscated Payload and Base64 Obfuscated Payload.

How was crypto-portfolio-tracker audited?

ClawSecure ran crypto-portfolio-tracker through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage.

What does a score of 0 mean?

ClawSecure assigned crypto-portfolio-tracker a security score of 0/100, placing it in the High Risk range. This is driven by 54 findings led by Supply Chain that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).

Audit Findings for crypto-portfolio-tracker

ClawSecure detected 54 security findings in crypto-portfolio-tracker, spanning Supply Chain, Malicious Code, Data Exfiltration and Cve.

Showing the 12 highest-severity of 54 findings. The full interactive list appears below.

3-Layer Audit Protocol

Security Recommendations for crypto-portfolio-tracker

Update and pin dependencies
crypto-portfolio-tracker depends on packages with supply-chain risk. Pin every dependency to an exact version, update packages with known CVEs to patched releases, and re-audit after each change. ClawSecure checks every dependency against known CVE databases.
Audit external network connections
crypto-portfolio-tracker connects to external endpoints. Verify every outbound connection goes to a trusted destination. Unauthorized callbacks are a primary indicator of ClawHavoc malware and data exfiltration. ClawSecure's proprietary engine monitors for known malicious endpoints including C2 infrastructure.
Harden command execution
crypto-portfolio-tracker constructs or runs system commands. Validate that commands are built only from trusted inputs, never pass user-controlled strings directly to a shell, and restrict execution to an allow-list of expected commands.

Related Security Research

AI Agent Supply Chain Attacks: How Dependencies Become WeaponsBeyond Static Scans: Why ClawSecure Verifies Agentic Intent

Related AI Agent Security Audits

openclaw-master-skillsScore 0/100openclaw-master-skillsScore 0/100tiktok-app-marketingScore 0/100clawsec-suiteScore 0/100yahoo-finance-m16opScore 0/100

Scanned on February 13, 2026. crypto-portfolio-tracker is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.

Start Your Free Scan