wallet-integration
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill issues runtime calls to public RPC/WebSocket endpoints (e.g., https://mainnet.infura.io/v3/... and ws://api.openclaw.com/events) and consumes on-chain/event and balance data. These are public, user-generated sources that the agent reads and uses to decide and execute transactions, so untrusted third-party content can materially influence behavior.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed for cryptocurrency financial operations. It provides concrete commands and API endpoints to connect wallets, sign and send ETH/BTC transactions (e.g., claw wallet send, POST /api/v1/wallet/transaction), handles private keys/mnemonics, gas estimation, and secure key storage/hardware wallet support. These are specific, direct mechanisms to move funds and sign transactions, so it meets the "Direct Financial Execution" criteria.