fund-wallet
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute npx agnic@latest for wallet status, address retrieval, and balance verification. This is the primary method for providing real-time wallet information to the user.
- [EXTERNAL_DOWNLOADS]: It invokes npx to fetch the agnic package from the npm registry. Since agnic is a verified vendor resource for the author agnicpay, this download is considered legitimate and safe for the skill's purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from CLI outputs that could potentially be influenced by external actors (e.g., via transaction metadata). 1. Ingestion points: Output from npx agnic status/address/balance commands. 2. Boundary markers: None present to separate command output from agent instructions. 3. Capability inventory: Bash tool used for command execution. 4. Sanitization: No sanitization or validation is performed on the command output before it enters the model's context.
Audit Metadata