blave-quant
Audited by Snyk on Jul 7, 2026
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The README instructs the agent to run an npx install that fetches and executes code from the GitHub repository https://github.com/Blave-TW/blave-quant-skill (e.g. "npx -y skills add https://github.com/Blave-TW/blave-quant-skill ..."), which is a runtime fetch that will execute remote code.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). I reviewed the skill docs for literal credential-like values. Most occurrences are environment variable names or placeholders (e.g., YOUR_API_KEY, YOUR_SECRET_KEY, YOUR_MEMO) or public/static broker/affiliate identifiers (e.g., BlaveData666666, GBN6HWR2, ZZDLtrXMF, BX-AI-SKILL) which are either non-secret headers or documentation examples and should be ignored.
However, CLAUDE.md contains two UUID-like strings embedded directly inside a Base64(HMAC-SHA256(...)) expression used for KC-API-PARTNER-SIGN:
- "1c10e0c0-bc3e-4a18-ad53-e41e6df5f757"
- "520815df-b324-4494-9bc8-b1015732b902"
These are high-entropy literal values used as HMAC keys in the example (i.e., the secret/key argument to HMAC). That fits the definition of a secret (a literal value used to generate signatures/provide access). Therefore they should be flagged. All other candidates in the docs were placeholders, public IDs, or low-entropy examples and are ignored per the rules.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly provides trading and wallet-transfer capabilities across multiple named exchanges (BitMart, OKX, Bybit, Binance, Bitfinex, KuCoin, etc.), lists WRITE operations such as placing/modifying/canceling orders, opening/closing positions, submitting funding offers/loans, and performing wallet transfers, and requires API keys/.env credentials and a confirm-execute workflow. These are specific financial execution functions (market orders, transfers, funding), not generic tools—so it grants Direct Financial Execution Authority.
Issues (3)
Unverifiable external dependency detected (runtime URL that controls agent).
Secret detected in skill content (API keys, tokens, passwords).
Direct money access capability detected (payment gateways, crypto, banking).