bankofai-guide
Fail
Audited by Snyk on Apr 22, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill instructs capturing a generated wallet password and embedding it verbatim into CLI commands and user-facing output (e.g., using -p '' and showing the password), which requires the LLM to handle and expose secrets directly.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill explicitly installs and runs an external CLI package via "npm install -g @bankofai/agent-wallet" (fetched from the npm registry, e.g. https://registry.npmjs.org/@bankofai/agent-wallet), which downloads and executes remote code the skill depends on for wallet setup and interactive prompts, so it is a runtime external dependency that can control execution.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly provisions and manages crypto wallets and the signing flow. It runs an Agent Wallet CLI (agent-wallet start, agent-wallet resolve-address, agent-wallet list), generates and stores wallet passwords/runtime secrets, displays EVM/TRON addresses, and explicitly refers to performing transfers and swaps (SunSwap) and being invoked as a "wallet guard" before on-chain operations. This is a specific crypto/blockchain wallet and signing capability (wallet creation, private key handling, and transaction signing), which directly enables moving funds on-chain. That fits the "Crypto/Blockchain (Wallets, Swaps, Signing)" category.
Issues (3)
W007
HIGH: Insecure credential handling detected in skill instructions.
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata