ERC-8004 Register
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill instructs users to store sensitive mnemonics and private keys in environment variables (ERC8004_MNEMONIC, ERC8004_PRIVATE_KEY). This exposes high-value credentials to any process or agent with environment access.
- [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection (Category 8). The tool fetches agent names, descriptions, and service endpoints from external sources like the blockchain and the Agentscan API during 'info' and 'self-check' commands. Ingestion points: On-chain agent metadata and Agentscan API responses. Boundary markers: None observed in the instructions or command structures. Capability inventory: The script performs on-chain transactions and shell executions. Sanitization: No evidence of sanitization for retrieved metadata. An attacker could embed instructions in an agent's description to hijack the agent performing the validation.
- [EXTERNAL_DOWNLOADS] (LOW): The tool requires installing 'web3' and 'eth-account' from PyPI. While these are standard libraries, the skill itself comes from an untrusted source ('openclaw').
Recommendations
- AI detected serious security threats
Audit Metadata