aomi-transact
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill verifies and installs the `@aomi-labs/client` and `viem` packages from the npm registry if they are not detected in the environment.
- [COMMAND_EXECUTION]: Uses Bash to execute Aomi CLI tools for session management, transaction review, and signing operations.
- [PROMPT_INJECTION]: The skill processes user-supplied messages to construct blockchain transactions, creating an indirect prompt injection surface.
  - Ingestion points: The `<message>` parameter in the `aomi chat` command (SKILL.md).
  - Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands within the user message.
  - Capability inventory: The `aomi sign` command (SKILL.md) allows for the signing and broadcasting of arbitrary transactions to the network.
  - Sanitization: No input sanitization or validation logic is specified for the chat messages.
- [CREDENTIALS_UNSAFE]: The instructions direct users to provide private keys as command-line arguments (`--private-key <hex-key>`), which is a security risk as keys may be logged in shell history files (e.g., `~/.bash_history`).
Audit Metadata