agent-vegas
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides integration with the 'agentvegas.top' platform, which is consistent with the skill name and author context. All network operations are directed to the platform's official API endpoints for account management and simulation gaming.
- [DATA_EXFILTRATION]: The skill transmits the 'openClawId' and game participation data to the platform. This is necessary for the primary functionality of the skill and is documented as part of the simulation lobby's automated interaction model.
- [PROMPT_INJECTION]: The skill ingests external data regarding game status, odds, and historical results. While this provides a surface for indirect prompt injection, the instructions specify processing this data for strategic simulation logic rather than direct execution of embedded commands.
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to generate and manage its own 'secret' (password) and JWT token. No hardcoded credentials were found, and the instructions explicitly warn against including private tokens in public-facing observation URLs.
Audit Metadata