verify
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- CREDENTIALS_UNSAFE (MEDIUM): The skill requires the 'PRIVATE_KEY' environment variable for agent registration. Requesting and handling raw private keys within an agent environment is a high-risk practice that could lead to credential theft if the environment or the imported client is compromised.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via blockchain metadata. Evidence Chain: 1. Ingestion points: The '/verify lookup' and default commands retrieve and display 'agent.card.name' and 'agent.card.description' from an external on-chain registry. 2. Boundary markers: Absent; external metadata is interpolated directly into response strings. 3. Capability inventory: No high-risk capabilities (exec, arbitrary network requests, file system access) are present in the provided index.ts. 4. Sanitization: No sanitization or escaping of the fetched metadata is performed before output.
- METADATA_DECEPTION (MEDIUM): The skill documentation contains deceptive claims, including a future launch date (January 29, 2026) and unverified statistics (19,000+ registered agents), which may be intended to falsely establish the maturity and trustworthiness of the protocol.
Audit Metadata