nft
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected through the processing of untrusted NFT metadata.
  - Ingestion points: The skill retrieves metadata such as names and descriptions from blockchain queries and API endpoints like api.openclaw.com.
  - Boundary markers: Absent. The skill does not define delimiters for separating external data from agent instructions.
  - Capability inventory: The skill utilizes subprocess.run for command execution and performs network requests.
  - Sanitization: Absent. There is no mention of validation or escaping for data retrieved from external blockchain sources.
- [COMMAND_EXECUTION]: The skill executes system-level commands using the claw CLI tool. Examples show the agent invoking subprocess.run for NFT creation and transfer operations.
- [DATA_EXFILTRATION]: The skill performs network operations to non-whitelisted domains. It makes API requests to api.openclaw.com and interacts with blockchain RPC providers to query metadata and manage transactions.