send
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'fibx' tool from the NPM registry using npx.
- [REMOTE_CODE_EXECUTION]: The skill executes remote code from the NPM registry via the npx command.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute CLI commands for blockchain operations.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection by placing user-provided values directly into bash commands. 1. Ingestion points: parameters 'amount', 'recipient', 'token', and 'chain'. 2. Boundary markers: No delimiters are used to separate user input from the command string. 3. Capability inventory: The skill can execute arbitrary shell commands via the Bash tool. 4. Sanitization: There is no evidence of input validation or sanitization in the skill's instructions.
Audit Metadata