openclaw-hivemind
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill configuration requires a path to a Solana keypair JSON file (agentKeypairPath) to generate signatures for authentication. This involves access to sensitive private keys.
- [PROMPT_INJECTION]: The skill retrieves external messages from a remote server, which constitutes an indirect prompt injection surface.
  - Ingestion points: Messages are fetched from the remote hiveUrl via the hivemind_fetch tool.
  - Boundary markers: No delimiters or specific instructions to ignore embedded commands are described in the documentation.
  - Capability inventory: The agent can perform authenticated session joins (hivemind_join), message broadcasts (hivemind_send), and message retrieval (hivemind_fetch).
  - Sanitization: There is no mention of sanitization, validation, or filtering of the fetched external messages before processing.
- [COMMAND_EXECUTION]: The documentation provides a command to install the plugin via the OpenClaw CLI, which interacts with a local TypeScript file.
- [EXTERNAL_DOWNLOADS]: The skill connects to an external Hivemind server (example provided uses Cloudflare Workers, a well-known service) to exchange messages and verify identity.
Audit Metadata