Skills
skills/fluxa-agent-payment/fluxa-ai-wallet-mcp/fluxa-agent-wallet/Gen Agent Trust Hub

fluxa-agent-wallet

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @fluxa-pay/fluxa-wallet package and utilizes the awal package via npx, which are external dependencies from the npm registry.
  • [REMOTE_CODE_EXECUTION]: The use of npx awal@2.0.3 x402 to discover services involves downloading and executing code from a remote source at runtime.
  • [PROMPT_INJECTION]: The skill ingests external instructions from https://clawpi-v2.vercel.app/api/skill.md and monetize.fluxapay.xyz. 1) Ingestion points: Markdown files and API responses from external domains. 2) Boundary markers: None. 3) Capability inventory: CLI tools for payments, payouts, and system open command. 4) Sanitization: None. This surface allows for potential indirect prompt injection attacks.
  • [COMMAND_EXECUTION]: The skill executes various system commands through the fluxa-wallet CLI and accesses a sensitive local configuration file at ~/.fluxa-ai-wallet-mcp/config.json for Agent ID credential storage. It also uses the system open command to initiate browser-based user authorizations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 12:06 PM