Skills
skills/keep-starknet-strange/starknet-agentic/starknet-anonymous-wallet/Gen Agent Trust Hub

starknet-anonymous-wallet

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/watch-events-smart.js uses system commands to modify the crontab for persistent task scheduling.
  • [CREDENTIALS_UNSAFE]: Starknet private keys are generated and stored in the local filesystem at ~/.openclaw/secrets/starknet by scripts/create-account.js.
  • [PROMPT_INJECTION]: scripts/parse-smart.js contains an advanced multi-layered protection system using regular expressions and the vard safety library to detect malicious prompt patterns and authorization bypasses.
  • [DATA_EXFILTRATION]: scripts/watch-events-smart.js can send data to external webhooks, creating a potential path for data exfiltration.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 11, 2026, 10:03 AM