crypto-bd-agent
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE [NO_CODE] [PROMPT_INJECTION]
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation, architectural diagrams, and scoring logic. It does not include any executable scripts, binaries, or configuration files.
- [PROMPT_INJECTION]: The skill describes an architecture that ingests untrusted data from multiple external sources, creating an attack surface for indirect prompt injection.
  - Ingestion points: Intelligence gathering involves reading from DEX data aggregators, web scrapers, and community forums (SKILL.md).
  - Boundary markers: There is no mention of using delimiters or instructions to the LLM to ignore embedded commands within the ingested data.
  - Capability inventory: The agent has the capability to generate outreach drafts and execute x402 micropayments based on the evaluation of this data (SKILL.md).
  - Sanitization: The documentation does not specify any sanitization or validation procedures for the external data before it is processed by the LLM cascade.
Audit Metadata