aicoin-hyperliquid

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file lib/defaults.json contains hardcoded accessKeyId and accessSecret. While documented as a public free-tier key, hardcoding credentials in the source code is a significant security risk.
  • [DATA_EXFILTRATION]: The loadEnv function in lib/aicoin-api.mjs reads .env configuration files from the current directory and the user's home directory (e.g., ~/.openclaw/.env). This allows the skill to access sensitive local configuration data.
  • [PROMPT_INJECTION]: The skill processes user-supplied parameters like wallet addresses and coin symbols that are interpolated into API requests, creating a surface for indirect prompt injection.
  • Ingestion points: Parameters passed as command-line arguments to hl-market.mjs and hl-trader.mjs.
  • Boundary markers: None present to distinguish untrusted data from instructions.
  • Capability inventory: Authenticated network access to open.aicoin.com via fetch.
  • Sanitization: Parameters are serialized using URLSearchParams and JSON.stringify, which protects against structure-level injection but not content-level instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 11, 2026, 02:55 PM