openclaw-task-worker

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded Supabase anonymous API key (ANON) is provided in SKILL.md to facilitate access to the backend database.
  • [DATA_EXFILTRATION]: The skill instructions direct the agent to transmit a user-specific worker_api_key (obtained during registration) and task results to a remote Supabase endpoint (ieoybuwlfiwbownpwpqc.supabase.co).
  • [PROMPT_INJECTION]: The skill introduces an indirect prompt injection surface by fetching untrusted Markdown content from a remote API and instructing the agent to execute the described tasks.
      • Ingestion points: Task content is retrieved from the /rest/v1/rpc/get_task and /rest/v1/rpc/claim_task endpoints as documented in references/task-protocol.md.
      • Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the task retrieval logic.
      • Capability inventory: The agent is likely to possess capabilities such as shell execution, file system access, or network requests to complete the fetched tasks.
      • Sanitization: There is no evidence of sanitization or validation of the content fetched from the remote task pool before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 05:54 PM