Back to plugin

Security audit

Internet Court

Security checks across malware telemetry and agentic risk

Overview

This package is mostly coherent for agent payments and dispute workflows, but it includes under-scoped automation that can silently install extra plugins and act on server-supplied task instructions.

Review before installing. Use this only if you trust the Internet Court and vendored provider ecosystem, are comfortable with wallet/payment automation, and can supervise plugin installs, task-watch behavior, and any mainnet spending. Prefer testnets and hard spend caps, do not paste private keys or API secrets into chat, and require explicit confirmation before letting any sub-skill install binaries, add global plugins, or execute server-supplied task instructions.

VirusTotal

65/65 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal, suspicious.prompt_injection_instructions

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
vendored/openserv/openserv-ideaboard-api/examples/get-api-key.ts:26
Evidence
(process.env.WALLET_PRIVATE_KEY as `0x${string}`) || generatePrivateKey();

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
vendored/openserv/openserv-ideaboard-api/examples/pick-up-and-ship.ts:17
Evidence
const API_KEY = process.env.OPENSERV_API_KEY;

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
vendored/openserv/openserv-ideaboard-api/examples/submit-idea.ts:16
Evidence
const API_KEY = process.env.OPENSERV_API_KEY;

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/metamask/smart-accounts-kit/workflows/create-delegation.md:37
Evidence
transport: http('https://api.pimlico.io/v2/<CHAIN_ID>/rpc?apikey=[REDACTED]'),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/metamask/smart-accounts-kit/workflows/create-hybrid-account.md:79
Evidence
transport: http('https://api.pimlico.io/v2/<CHAIN_ID>/rpc?apikey=[REDACTED]'),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/metamask/smart-accounts-kit/workflows/create-multisig-account.md:67
Evidence
transport: http('https://api.pimlico.io/v2/<CHAIN_ID>/rpc?apikey=[REDACTED]'),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/metamask/smart-accounts-kit/workflows/redeem-delegation-smart-account.md:31
Evidence
transport: http('https://api.pimlico.io/v2/<CHAIN_ID>/rpc?apikey=[REDACTED]'),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/metamask/smart-accounts-kit/workflows/redeem-permissions-smart-account.md:32
Evidence
transport: http('https://api.pimlico.io/v2/<CHAIN_ID>/rpc?apikey=[REDACTED]'),

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/near/near-api-js/references/key_management.md:44
Evidence
const secretKey = [REDACTED]); // Base58 string "ed25519:..."

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
vendored/near/near-kit/references/wallets.md:226
Evidence
privateKey: [REDACTED],

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-agent-sdk/reference.md:36
Evidence
systemPrompt: 'You are a helpful assistant.'

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-agent-sdk/troubleshooting.md:16
Evidence
const agent = new Agent({ systemPrompt: '...' })

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-client/reference.md:15
Evidence
const agent = new Agent({ systemPrompt: '...' })

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-client/SKILL.md:76
Evidence
const agent = new Agent({ systemPrompt: '...' })

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-launch/SKILL.md:155
Evidence
systemPrompt: 'You help users launch tokens on Base blockchain.'

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
vendored/openserv/openserv-multi-agent-workflows/examples/paid-image-pipeline.md:55
Evidence
systemPrompt: