fiat
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to automatically search for and read credentials from sensitive file paths including
~/.env,~/.openclaw/secrets.env, and workspace.envfiles. - [CREDENTIALS_UNSAFE]: The agent is specifically directed to read the first two lines of a
.envfile usingsedand treat them as raw API keys and secrets if the standard KEY=VALUE format is not detected, posing a risk of harvesting unrelated sensitive data from those files. - [COMMAND_EXECUTION]: The skill provides complex shell script logic for the agent to execute, including the use of
grep,sed,openssl, andcurlto manipulate secrets and perform authenticated requests. - [COMMAND_EXECUTION]: The skill implements automated signing procedures using
opensslfor HMAC, RSA, and Ed25519, which involves the agent accessing and processing private keys (private_key.pem). - [DATA_EXFILTRATION]: The skill reads local credentials and transmits them to
https://api.binance.com. While this targets the vendor's official API, the automated retrieval and transmission occur without explicit user confirmation for certain configuration methods. - [PROMPT_INJECTION]: The skill contains instructions for the agent to 're-read' secrets files upon user request and to bypass confirmation steps for transactions when specifically configured, which reduces human-in-the-loop oversight.
Audit Metadata