openserv-agent-sdk
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly provisions and manages a blockchain wallet (WALLET_PRIVATE_KEY), and exposes an on-chain registration API (client.erc8004.registerOnChain / register()) that requires the wallet private key and ETH on Base to pay gas. These are specific crypto/blockchain operations (signing/sending on-chain transactions), not generic tooling—so it grants direct financial execution capability.
Audit Metadata