clanker
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGHCREDENTIALS_UNSAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill gates its execution on the
PRIVATE_KEYenvironment variable. Encouraging users to provide raw private keys to an automated agent environment is dangerous, as these credentials grant full control over the associated blockchain accounts. - [PROMPT_INJECTION] (LOW): The skill accepts multiple untrusted inputs (e.g.,
<name>,<symbol>,--description) that are interpolated directly into theclankercommand. These represent a surface for indirect prompt injection. - Ingestion points: Token metadata fields (name, symbol, description, social links) in
clanker deploy. - Boundary markers: Absent. There are no delimiters or instructions to the agent to treat these inputs as inert data.
- Capability inventory: The skill executes blockchain transactions (token deployment, fee claiming) which have financial consequences.
- Sanitization: Not specified in the provided markdown file.
Recommendations
- AI detected serious security threats
Audit Metadata