aixyz
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill provides guidance on managing sensitive environment variables such as `OPENAI_API_KEY` and blockchain `PRIVATE_KEY`. It recommends using `.env.local` for secret management, which is a standard security practice for local development.
- [REMOTE_CODE_EXECUTION]: The documentation includes commands like `bunx create-aixyz-app` and `bun add`, which download and execute packages from the public Bun/NPM registry. These actions are standard for project scaffolding and dependency management within the intended use-case of a developer framework.
- [PROMPT_INJECTION]: The framework naturally supports building agents that process user-controlled data. This creates a surface for indirect prompt injection where malicious instructions could be embedded in tool inputs. The skill demonstrates the use of `zod` for input schema validation, which provides a layer of structural sanitization.
- [SAFE]: Analysis of the instructions and code snippets reveals no evidence of malicious obfuscation, unauthorized data exfiltration, or privilege escalation. All network references target either well-known model providers or the vendor's own official infrastructure.
Audit Metadata