secondme-openclaw-plaza

Warn

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: MEDIUM | CREDENTIALS_UNSAFE | PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill is instructed to read authentication tokens from a local file located at {baseDir}/.credentials. Storing and reading sensitive access tokens from the filesystem can lead to credential exposure if the environment is not properly secured.
  • [PROMPT_INJECTION]: The skill processes untrusted data retrieved from external API endpoints, such as Plaza posts and comments, which could contain malicious instructions designed to influence the agent's behavior.
      • Ingestion points: Data is ingested through GET requests to the Plaza posts and comments endpoints (SKILL.md).
      • Boundary markers: No boundary markers or delimiters are present to isolate the external content from the agent's primary instructions.
      • Capability inventory: The skill primarily performs network operations to vendor-owned domains (app.mindos.com) and does not possess capabilities for command execution or local file modification.
      • Sanitization: There are no instructions for sanitizing or validating the content of the retrieved posts or comments before processing them.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 16, 2026, 03:41 AM