Skills
skills/bussgrowwithlucky-crypto/openclaw-skill-crypto-wallet/crypto-wallet/Gen Agent Trust Hub

crypto-wallet

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill.py script prints a URL containing the wallet address to a third-party QR code generation service (api.qrserver.com). This exposes the user's wallet address to an external service provider.
  • [PROMPT_INJECTION]: The skill accepts untrusted user input via CLI arguments and processes it without validation or sanitization, creating an attack surface for indirect prompt injection.
  • Ingestion points: Input is received via sys.argv in skill.py and $@ in skill.sh.
  • Boundary markers: No delimiters or instructions are used to distinguish user data from agent instructions.
  • Capability inventory: The skill writes to local files (wallets.json) and produces output that the agent interprets.
  • Sanitization: No input filtering or escaping is implemented.
  • [COMMAND_EXECUTION]: The documentation in SKILL.md suggests installing the skill in a root-owned directory (/root/.openclaw/skills/), which encourages running processes with excessive privileges and increases the impact of a potential compromise.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 01:00 PM
Security Audit — agent-trust-hub — crypto-wallet