Skills
skills/0xaxiom/axiom-public/net-protocol/Gen Agent Trust Hub

net-protocol

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill requires the sensitive NET_PRIVATE_KEY environment variable to sign onchain transactions and messages.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @net-protocol/cli package globally via npm.
  • [COMMAND_EXECUTION]: The skill executes shell commands using the netp CLI for blockchain operations and the cast tool in example scripts.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing messages from the blockchain.
  • Ingestion points: Public onchain messages are retrieved via netp message read (SKILL.md).
  • Boundary markers: Absent; there are no instructions to the agent to delimit or ignore instructions within the retrieved message data.
  • Capability inventory: The agent has the ability to write messages and upload files onchain via netp message send and netp storage upload.
  • Sanitization: No validation or sanitization is performed on the incoming message content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:05 PM