cobo-tss-node
Facilitates management of a Cobo TSS Node for secure MPC threshold signing, including setup, health checks, and disaster recovery.
Install this skill
or
53/100
Security score
The cobo-tss-node skill was audited on Feb 28, 2026 and we found 9 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
low line 65
Access to hidden dotfiles in home directory
SourceSKILL.md
| 65 | ./scripts/node-ctl.sh <command> [--dir ~/.cobo-tss-node] |
medium line 80
Access to hidden dotfiles in home directory
SourceSKILL.md
| 80 | Linux uses `journalctl`, macOS reads from `~/.cobo-tss-node/logs/launchd-stdout.log`. |
medium line 123
Access to hidden dotfiles in home directory
SourceSKILL.md
| 123 | - Exports encrypted key share files to a timestamped directory: `~/.cobo-tss-node/recovery/YYYYMMDD-HHMMSS/` |
medium line 133
Access to hidden dotfiles in home directory
SourceSKILL.md
| 133 | Creates a timestamped backup at `~/.cobo-tss-node/backups/YYYYMMDD-HHMMSS/` containing: |
medium line 179
Access to hidden dotfiles in home directory
SourceSKILL.md
| 179 | Removes the systemd/launchd service but **keeps all data** in `~/.cobo-tss-node/`. To fully remove: `rm -rf ~/.cobo-tss-node`. |
medium line 195
Access to hidden dotfiles in home directory
SourceSKILL.md
| 195 | Config file: `~/.cobo-tss-node/configs/cobo-tss-node-config.yaml` |
low line 210
Access to hidden dotfiles in home directory
SourceSKILL.md
| 210 | ~/.cobo-tss-node/ |
medium line 244
Access to hidden dotfiles in home directory
SourceSKILL.md
| 244 | | Permission denied on `.password` | Wrong file mode | `chmod 600 ~/.cobo-tss-node/.password` | |
high line 243
Prompting for password/secret input
SourceSKILL.md
| 243 | | "password" prompt on start | Missing `--key-file` | Reinstall service: `install-service.sh linux` | |
Scanned on Feb 28, 2026
View Security DashboardInstall this skill with one command
/learn @openclaw/cobo-tss-node