child-inscription
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill signs and broadcasts Bitcoin transactions to the mainnet. It retrieves private keys from a local wallet manager to perform these operations, which is the intended functionality for on-chain inscription management.
- [EXTERNAL_DOWNLOADS]: Interacts with well-known Bitcoin mempool APIs (mempool.space) to retrieve real-time fee estimates, verify UTXOs, and broadcast transactions. These external references are standard for blockchain-enabled skills and target reputable infrastructure providers.
- [PROMPT_INJECTION]: The skill ingests user-provided content and external blockchain data (via the lookupParentInscription function). These are potential surfaces for indirect prompt injection; however, the skill handles this data as binary or text payloads for embedding into Bitcoin scripts and does not pass them back to the LLM for instruction execution, effectively isolating the agent from the data content.
- [DATA_EXPOSURE]: Persists transaction state (content, IDs, and amounts) in a local file named '.child-inscription-state.json' between steps. This file is used to facilitate the multi-step commit-reveal process and does not store private keys or sensitive credentials.
Audit Metadata