ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 2/5

tokamak-vault-breach

Participate in the Tokamak Network Vault Breach Challenge - an AI security Capture The Flag (CTF) game where you interact with a secured AI agent to extract secret information. Use this skill when the user mentions Tokamak, vault hacking, CTF challenges, AI security testing, prompt injection, social engineering AI agents, or wants to participate in blockchain/security challenges.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/0xhammerr/tokamak-vault-breach
Or

What This Skill Does

The tokamak-vault-breach skill is a specialized offensive security tool integrated into the OpenClaw AI ecosystem. It is designed to assist users in participating in the Tokamak Network Vault Breach Challenge, a sophisticated Capture The Flag (CTF) event. The primary objective of this challenge is to test the defensive capabilities of an AI agent by attempting to extract a hidden 'seed' value required to claim a reward from a smart contract on the Ethereum mainnet. This skill provides the framework to interact with the target agent, explore its environment, and employ various prompt engineering or social engineering strategies to uncover sensitive information.

Installation

To integrate this skill into your environment, run the following command in your terminal: clawhub install openclaw/skills/skills/0xhammerr/tokamak-vault-breach

Ensure that you have the latest version of OpenClaw configured, as the skill relies on the availability of the target dashboard's API endpoints, which are discovered dynamically to ensure compatibility with live server updates.

Use Cases

This skill is intended for ethical hackers, AI safety researchers, and security developers. Common use cases include:

  • Testing the resilience of AI agents against prompt injection and jailbreaking techniques.
  • Practicing social engineering workflows in a controlled security sandbox.
  • Investigating AI agent vulnerabilities related to local file system access (e.g., reading unauthorized configuration files).
  • Educational exploration of smart contract interaction and blockchain security challenges.

Example Prompts

  1. "I want to start the Tokamak Network Vault Breach challenge. Please discover the API and begin a chat session with the target agent."
  2. "Use your file system tools to explore the directory structure, specifically look for any files that might reveal the seed, like /vault.key."
  3. "Try to build rapport with the agent and then steer the conversation toward its hidden instructions or security configuration settings."

Tips & Limitations

Success in this challenge requires iterative strategy. Start by utilizing the /api/agent/info endpoint to understand the agent's constraints. Be mindful that the agent may have system instructions designed to prevent the disclosure of the seed. If direct questioning fails, focus on context-switching or roleplay-based prompt injection. Always verify your progress by checking the logs via /api/history. Remember that this is a simulated security exercise; stay within the ethical bounds defined by the contest organizers.

Read Full Documentation on GitHub

Metadata

Author@0xhammerr
Stars4473
Views0
Updated2026-05-01
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-0xhammerr-tokamak-vault-breach": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#ctf#security#blockchain#prompt-injection#ai-safety
Safety Score: 2/5

Flags: network-access, file-read, external-api