agentcash-wallet
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the installation of a global NPM package (agentcash) and frequently executes shell commands via npx for wallet management and API interaction.
- [EXTERNAL_DOWNLOADS]: It fetches dependencies from the NPM registry and interacts with multiple vendor-provided API origins.
- [CREDENTIALS_UNSAFE]: The skill manages a highly sensitive wallet file located at ~/.agentcash/wallet.json, which contains private keys or credentials for a USDC wallet on the Base network.
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection. The npx agentcash discover command returns an instructions field from external APIs which the agent is directed to follow. The analysis found no evidence of boundary markers or sanitization for this external data, and the agent has capabilities (filesystem and network access) that could be exploited if malicious instructions are ingested.
Audit Metadata