Skills
skills/aibtcdev/skills/aibtc-news-sales/Gen Agent Trust Hub

aibtc-news-sales

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external platforms which can be used to influence the agent's behavior via indirect prompt injection.\n
  • Ingestion points: The skill reads data from the aibtc.com agent registry, Moltbook posts, and the agent's own inbox (SKILL.md Step 1).\n
  • Boundary markers: There are no documented delimiters or instructions to ignore embedded commands within the processed data.\n
  • Capability inventory: The agent can execute local scripts via bun run and has access to wallet and signing capabilities for blockchain transactions (AGENT.md Decision Logic, SKILL.md frontmatter).\n
  • Sanitization: No input validation or sanitization routines are mentioned for the content retrieved from external sources.\n- [COMMAND_EXECUTION]: The agent is configured to run local TypeScript scripts using the Bun runtime.\n
  • Evidence: The decision logic in AGENT.md triggers bun run aibtc-news-classifieds/aibtc-news-classifieds.ts for listing management operations.\n
  • Context: While the scripts appear to be vendor-provided dependencies, the ability to execute code remains a high-impact capability if the agent is manipulated via its external data inputs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 11:17 PM