agentic-gateway

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell utilities like grep, cut, cp, and jq to manage wallet keys and process API responses. It also relies on npx to run vendor-provided CLI tools.
  • [EXTERNAL_DOWNLOADS]: The skill installs and executes official NPM packages from the @alchemy/x402 and @x402/ scopes. These are verified first-party resources from the author alchemyplatform.
  • [REMOTE_CODE_EXECUTION]: The workflow involves generating authentication tokens and signing payments using the @alchemy/x402 CLI tool executed through npx.
  • [DATA_EXFILTRATION]: The skill instructions guide the agent to read sensitive files like .env or wallet-key.txt to extract private keys for blockchain authentication. To mitigate risks, it explicitly forbids using standard agent tools for these files, requiring shell pipes instead to keep secrets out of the LLM context.
  • [PROMPT_INJECTION]:
      1. Ingestion points: Data entering the agent via blockchain API responses (NFT, Portfolio, and Token APIs).
      2. Boundary markers: Absent.
      3. Capability inventory: Execution of CLI tools (npx), shell command execution, and file system access.
      4. Sanitization: Not explicitly specified for processing external API payloads.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 01:10 PM