agent-wallet

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask users for passwords/API secrets and embed them verbatim in CLI flags (e.g., --password '', --app-secret), and to output exact copy-pastable commands containing secrets, which forces the LLM to handle and emit secret values directly.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a blockchain wallet tool: it creates and manages wallets (local_secure, Privy), resolves addresses, and — critically — exposes commands to sign transactions, messages, and EIP-712 typed data (e.g., agent-wallet sign tx, sign msg, sign typed-data) for EVM and TRON networks. The CORE RULE lists "Crypto/Blockchain (Wallets, Swaps, Signing)" as a direct financial execution capability. Even though broadcasting is out of scope, signing transactions is a specific crypto operation that enables moving funds once broadcast and therefore constitutes direct financial execution authority.