hoosat-dev

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit examples that print or otherwise output private keys (e.g., console.log('Private Key:', wallet.privateKey.toString('hex'))) which instructs exposing secret values verbatim, even though some parts use safer env-var patterns.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's dApp and explorer code and documentation explicitly call the public Hoosat REST API (https://proxy.hoosat.net/api/v1) via HoosatWebClient and other clients to fetch blocks, transactions, mempool entries, address balances and UTXOs — all public, user-generated blockchain data that the agent is expected to read/interpret, which could carry untrusted payloads and enable indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly provides blockchain financial execution capabilities. It includes SDK methods and examples for building, signing, and broadcasting HTN transactions (HoosatTxBuilder, HoosatCrypto.importKeyPair, HoosatClient.submitTransaction, builder.sign(), client.submitTransaction(tx)). It documents wallet generation/import, private key handling, UTXO selection, fee calculation, and REST endpoints for balances and submission. Crucially, it includes an "Agent Wallet System" with encrypted wallet storage, transaction execution features (transfer HTN with auto-approve or confirmation), agent-transact.py, and quick commands like "Transfer 5 HTN from mining to hoosat:...". These are specific tools to manage wallets and send cryptocurrency transactions—i.e., direct financial execution.