fundfarm
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to install a CLI tool from
https://app.myfundfarm.com/cli/fundfarm-cli-0.2.11.tgzand a plugin fromhttps://www.myfundfarm.com/plugins/openclaw-fundfarm-1.0.0.tgz. These resources are provided by the vendor to enable the skill's core functionality. - [COMMAND_EXECUTION]: The skill relies on executing the
fundfarmcommand-line utility to perform fund lookups, portfolio summaries, and trade operations. - [DATA_EXFILTRATION]: User financial data, including holdings and transaction history, is transmitted to the vendor's API at
api.myfundfarm.com. This is necessary for the service to provide real-time updates and cloud synchronization. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection through external data ingestion.
- Ingestion points: The agent retrieves data from external sources such as fund descriptions, market indices, and user-generated knowledge base entries via
get_fund_detailandfundfarm knowledge get. - Boundary markers: No specific delimiters or safety instructions for handling embedded data were found in the documentation.
- Capability inventory: The agent can execute CLI commands, communicate with external APIs, and perform financial transactions (buy/sell).
- Sanitization: The skill employs server-side validation (e.g., NAV range checks, volume limits) and interactive confirmation prompts for all write operations to minimize the impact of potentially malicious inputs.
Audit Metadata