alchemy-cli
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the official @alchemy/cli package from the npm registry, which is the legitimate distribution channel for the vendor's tool.
- [COMMAND_EXECUTION]: Operation of the skill depends on executing the alchemy binary to manage blockchain data, webhooks, and app configurations.
- [PROMPT_INJECTION]: The skill uses alchemy agent-prompt to dynamically discover command definitions. This creates an interface where the agent interprets external tool output as instructions (Category 8).
  - Ingestion points: Command output from the CLI and data payloads in JSON arguments in SKILL.md.
  - Boundary markers: The skill does not define specific delimiters or warnings to ignore embedded instructions in tool responses.
  - Capability inventory: The agent can execute various shell commands via the alchemy CLI as documented in SKILL.md.
  - Sanitization: No specific validation, escaping, or sanitization logic is provided for processing the CLI's responses.