nova-wallet

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs running remote code at runtime via the npm package (e.g., "npm install @mynthai/nova" or "npx @mynthai/nova"), which fetches and executes code from the npm registry and is a required dependency for the skill to operate.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). I scanned the skill prompt for high-entropy literal values that could serve as usable credentials.

Flagged:

• The sample claim URL "https://preview.mynth.ai/c/mto3M1JEa6Hr0UFRCBGjOg" is a high-entropy token embedded in a URL. The docs explicitly treat claimUrl as a secret credential (one-time claim link). Because it appears as a concrete, random-looking token, it should be considered a hardcoded secret.

Ignored (not flagged) and why:

• The sample txId "d32c966fd430267...b37ace8" is a transaction identifier, not an access credential — it does not grant access to services.
• The long ID in the error message "3tkv5qrm43jtjf86x3ks5l6jpjgpyw7n8424pm" looks like an account/address identifier; identifiers are not necessarily credentials that grant access, so I treated it as non-secret example data.
• Other strings (npm package name, commands, config names, and simple/example phrases) are documentation/usage items or placeholders and do not meet the high-entropy credential definition.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a blockchain wallet controller (nova CLI) with commands to send funds, create claim links, and withdraw stablecoins across multiple blockchains, plus key export/import and transaction IDs. These are specific crypto/blockchain wallet and transaction operations (send/withdraw), i.e., direct financial execution capabilities.