config
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses `npx starkfi@latest` to fetch and execute the StarkFi CLI package from the npm registry at runtime. While npm is a well-known service and the package corresponds to the author's identity, this pattern involves executing code from an external source during operation.
- [COMMAND_EXECUTION]: The skill is granted permission to execute bash commands using `npx` to perform configuration updates and query transaction statuses on-chain.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted external data.
  - Ingestion points: Data is ingested into the agent context from the output of `npx starkfi@latest tx-status` and `npx starkfi@latest config get-rpc` (SKILL.md).
  - Boundary markers: No delimiters or specific instructions to ignore embedded commands are present in the skill to protect against malicious payloads in external data (SKILL.md).
  - Capability inventory: The skill has the capability to modify local configuration files and network settings via `npx` (SKILL.md).
  - Sanitization: There is no evidence of sanitization, validation, or escaping of the data returned by external tools before it is processed by the agent (SKILL.md).
Audit Metadata