Skills
skills/0xaxiom/axiom-public/tx-verify/Snyk

tx-verify

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md clearly instructs the agent to fetch and interpret on-chain data from public third-party endpoints (e.g., createPublicClient transport http('https://mainnet.base.org'), explorer links like https://basescan.org, and publicClient.readContract/ waitForTransactionReceipt), which are untrusted, user-generated blockchain contents that directly influence whether the agent announces success.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 9, 2026, 10:05 PM