0g-compute

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes commands that accept raw private keys (e.g., login --private-key <key>), an inference get-secret flow and an example openclaw.json that requires placing the provider API key verbatim into the config, so the LLM would need to handle/embed secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public third‑party data—e.g., provider listings and baseUrl/apiKey used to configure OpenClaw (SKILL.md "Configure OpenClaw Provider" and references/openclaw-config.md) and the scripts/0g-price-compare.sh which curls CoinGecko and OpenRouter—so untrusted external content is read and used to make provider-selection and routing/configuration decisions that can materially alter runtime behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly manages on-chain tokens and provides commands to move funds: it requires a funded wallet and private-key login, and includes deposit, transfer-fund (to provider sub-accounts), retrieve-fund (from sub-accounts), and refund (withdraw to wallet). These are concrete crypto/banking-style operations (wallet management and token transfers) rather than generic API/click automation, so it grants direct financial execution capability.