Skills
skills/0xpolygon/polygon-agent-cli/polygon-discovery/Gen Agent Trust Hub

polygon-discovery

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the polygon-agent CLI to perform wallet management tasks (setup, wallet create, balances) and to execute the x402-pay command for API interactions.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to x402-api.onrender.com to access its service catalog and various utility APIs.
  • [DATA_EXFILTRATION]: User-supplied data, including source code snippets for the 'Code Review' service and search queries for 'Web Search', are transmitted to an external endpoint hosted on Render.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes content from external, untrusted sources like Twitter/X, Google News, and general web searches.
  • Ingestion points: Data enters the agent's context through the responses from the x402-api.onrender.com endpoints (e.g., /api/twitter, /api/call/9b0f5...).
  • Boundary markers: The instructions do not define clear delimiters or include warnings to the agent to ignore instructions embedded in the retrieved data.
  • Capability inventory: The agent can perform further network operations and execute financial transactions (USDC payments) via the polygon-agent CLI.
  • Sanitization: There is no evidence of content sanitization or instruction filtering before the external data is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 12:59 PM