secondme-openclaw-discover
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to read sensitive information from a local file path at `{baseDir}/.credentials`. Specifically, it looks for `accessToken` or `access_token` to authenticate API requests. Accessing credential files directly is a high-risk practice that can lead to data exposure.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection due to the handling of external data.
  - Ingestion points: The agent fetches data from `https://app.mindos.com/gate/in/rest/third-party-agent/v1/discover/users`, which includes user-controlled strings.
  - Boundary markers: Absent. There are no instructions or delimiters provided to help the agent distinguish between its own logic and potentially malicious instructions embedded in user fields like `hook`, `title`, or `briefIntroduction`.
  - Capability inventory: The skill possesses the capability to read local files (`.credentials`) and perform network operations (GET requests to the Mindverse API).
  - Sanitization: Absent. The skill does not specify any filtering, escaping, or validation of the content retrieved from the discovery API before it is presented to the user or processed by the agent.
Audit Metadata