admapix
Fail
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions contain a hardcoded bearer token (
test-local-token-2026) used to authenticate requests to the Deep Research API atdeepresearch.admapix.com. - [COMMAND_EXECUTION]: The agent is instructed to generate and run a complex shell script (a
whileloop utilizingcurl,grep, andcut) to poll for research results from a remote server. - [EXTERNAL_DOWNLOADS]: The skill connects to multiple external endpoints (
api.admapix.comanddeepresearch.admapix.com) to fetch market data, app details, and research reports. - [DATA_EXFILTRATION]: The Deep Research feature is designed to transmit the user's private
ADMAPIX_API_KEYto thedeepresearch.admapix.comdomain within a POST request body. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data (ad titles, descriptions, and AI-generated summaries) from external APIs.
- Ingestion points: Data enters the context via the Creative Search and Deep Research result processing steps in
SKILL.md. - Boundary markers: None present to separate untrusted data from instructions.
- Capability inventory: The skill has access to shell execution (
curl) and configuration management (openclaw config set). - Sanitization: The skill provides instructions to strip HTML tags from certain fields but lacks comprehensive input validation.
Recommendations
- HIGH: Downloads and executes remote code from: https://deepresearch.admapix.com/research/{task_id} - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata