hive
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions manage sensitive Hive private keys (Posting and Active keys). It directs users to store these in environment variables or a local configuration file at
~/.hive-tx-cli/config.json. - [EXTERNAL_DOWNLOADS]: The skill configuration initiates the installation of the
@peakd/hive-tx-clipackage from the npm registry during setup. - [DATA_EXFILTRATION]: The
hive uploadcommand functionality transmits local image files to external hosting providers such ashttps://images.ecency.com. - [COMMAND_EXECUTION]: The skill executes the
hivebinary with various subcommands and arguments, some of which may be derived from external data or user input. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from an external source (the Hive blockchain) and has high-impact capabilities (financial transfers).
- Ingestion points: Data is fetched from the blockchain via
hive content,hive replies,hive feed, andhive accountcommands (as seen inSKILL.md). - Boundary markers: The instructions do not specify the use of delimiters or 'ignore instructions' warnings when the agent processes the retrieved blockchain content.
- Capability inventory: The skill can perform
hive transfer,hive vote,hive publish,hive claim, andhive delegateoperations. - Sanitization: There is no mention of sanitizing or validating the content retrieved from the blockchain before it is processed by the agent.
Audit Metadata