ordinals
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements standard Bitcoin Ordinals operations and follows the two-step commit/reveal transaction pattern. No malicious behavior was detected.\n- [EXTERNAL_DOWNLOADS]: Fetches fee estimates, transaction data, and UTXOs from the well-known service mempool.space. These operations are essential for blockchain interaction and are documented neutrally.\n- [COMMAND_EXECUTION]: Accesses the wallet's private keys via an internal project library to sign transactions. This capability is required for the skill's primary purpose and is handled through established local modules.\n- [PROMPT_INJECTION]: The get-inscription command presents a surface for indirect prompt injection by displaying untrusted data from the Bitcoin blockchain.\n
- Ingestion points: ordinals.ts calls InscriptionParser to fetch data from the Mempool API.\n
- Boundary markers: Absent; raw content is displayed in JSON output.\n
- Capability inventory: The skill can sign and broadcast transactions to the Bitcoin network.\n
- Sanitization: Text content is truncated to 1000 characters, but no instruction filtering is performed.
Audit Metadata