Is limone-eth/erc8004-agent safe?
https://github.com/openclaw/skills/tree/main/skills/limone-eth/erc8004-agent
This skill provides legitimate blockchain agent registration functionality with a well-designed security architecture that isolates private keys in external proxy servers. While it involves external dependencies and financial operations that create inherent risks, no malicious intent or obvious vulnerabilities were detected.
Findings (5)
MEDIUM External package dependency (-15)
The skill instructs the agent to install the @buildersgarden/siwa npm package, creating a trust boundary where malicious code could be executed if the package is compromised.
MEDIUM Strong external service directives (-10)
The skill uses strong language requiring the agent to use specific external services and proxy servers, which could override user preferences.
MEDIUM External network dependencies (-15)
The skill requires network calls to external keyring proxy servers and IPFS services, creating potential data exfiltration vectors if those services are compromised.
LOW Financial transaction risk (-20)
The skill involves real cryptocurrency transactions and wallet funding, creating financial risk if the agent is manipulated or addresses are incorrect.
LOW External service deployment (-10)
Instructions to deploy services via a Railway template could expose the user to additional attack vectors through cloud deployment.