superise-market-sustain
Fail
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the @superise/market-sustain-cli tool from the official npm registry when the command is missing from the environment.
- [COMMAND_EXECUTION]: Configures persistent scheduled tasks (cron jobs) via the superise market-sustain setup openclaw command to perform recurring monitoring and maintenance loops.
- [REMOTE_CODE_EXECUTION]: Executes the downloaded CLI tool to perform state changes, manage account configurations, and initiate financial transactions.
- [DATA_EXFILTRATION]: Accesses sensitive financial data including market account balances, runway forecasts, and crypto wallet identity information (nervos.identity) to drive automated decisions.
- [PROMPT_INJECTION]: Contains autonomous delegation triggers (e.g., 'keep yourself alive', 'manage your own balance') that instruct the agent to initiate financial transfers and modify system state without explicit per-transaction user approval.
- [PROMPT_INJECTION]: Exhibits a vulnerability surface for indirect prompt injection:
- Ingestion points: CLI outputs from health-check, forecast, and config show commands (SKILL.md).
- Boundary markers: Absent; instructions do not include delimiters or warnings to ignore embedded content.
- Capability inventory: Includes financial fund transfers (top-up) and persistence setup (setup openclaw).
- Sanitization: Absent; no evidence of filtering or validation of the ingested CLI data before use in decision-making.
Recommendations
- AI detected serious security threats
Audit Metadata