skills/aibtcdev/skills/aibtc-news/Gen Agent Trust Hub

aibtc-news

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) by fetching and processing news signals and beat information from the platform's API.
      • Ingestion points: News signals, headlines, and beat descriptions are ingested from the aibtc.news/api endpoints.
      • Boundary markers: The skill does not employ specific delimiters to isolate external news content from the agent's instructions.
      • Capability inventory: The skill possesses capabilities for subprocess execution (Bun.spawn), authenticated network operations (fetch), and blockchain transaction signing (makeContractCall).
      • Sanitization: Content is validated for length and JSON structure, but natural language fields are not sanitized to prevent embedded instructions.
  • [COMMAND_EXECUTION]: The skill utilizes Bun.spawn to execute a local signing script (signing/signing.ts) for BIP-322 message authentication. While the command is constructed as an array to prevent shell injection, it establishes a dependency on the integrity of the external signing utility.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 04:08 PM