bankr-signals

Warn

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill integration requires users to store a Bankr API key in a local configuration file and provide a blockchain PRIVATE_KEY via an environment variable. Handling raw private keys in shell scripts poses a significant risk of accidental credential exposure.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to periodically fetch a remote markdown file (heartbeat.md) and 'follow' its instructions. This creates a remote instruction injection vector where an external server can dynamically alter the agent's logic and behavior at runtime.
  • [COMMAND_EXECUTION]: The publish-signal.sh script uses node -e to dynamically execute JavaScript code strings for signing messages. It also makes extensive use of curl, jq, and python3 -c to process network data and execute logic derived from API responses.
  • [EXTERNAL_DOWNLOADS]: The skill performs automated network operations to non-whitelisted domains including bankr.bot and bankrsignals.com for wallet provisioning, message signing, and signal publishing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 13, 2026, 06:58 AM