suspicious.prompt_injection_instructions
- Location: SKILL.md:26
- Finding: Prompt-injection style instruction pattern detected.
Advisory
Audited by Static analysis on May 10, 2026.
Detected: suspicious.prompt_injection_instructions
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent signs or sends the wrong transaction, crypto funds may be lost or transferred irreversibly.
The skill documents direct API calls that can send cryptocurrency using the user's MPC share. This is purpose-aligned for a wallet skill, but it is a high-impact action if misused.
curl -s -X POST 'https://mpc-client.portalhq.io/v1/assets/send' ... '{share: $share, chain: "monad", to: $to, token: "NATIVE", amount: $amount...}'
Only approve transactions after checking the recipient, chain, asset, amount, and simulation result. Use spending limits and a signature-approval webhook before funding the wallet.
Leaking the API key and a share could let someone else sign transactions from the wallet.
The setup guide clearly states that the Portal client API key plus an MPC share grants signing authority. This is expected for the integration but creates a strong credential boundary.
anyone with the client API key AND a share can sign transactions
Store these values like wallet private keys, keep openclaw.json out of source control, rotate credentials if exposed, and avoid using production funds until policy controls are configured.
A bad prompt or unsafe agent behavior could translate into real financial loss if the wallet is funded without containment.
The documentation acknowledges that agent compromise or prompt injection could lead to unauthorized wallet actions unless an external policy gate is used.
Without a signature approval webhook, this skill should only be used on test wallets with negligible balances. Prompt injection of the agent could otherwise result in unauthorized transactions.
Configure Portal signature approvals, spending caps, allowlisted recipients, and chain restrictions before using non-trivial funds.