Bankr Agent - Polymarket
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Tags: NO_CODE, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill documentation outlines a high-privilege workflow where the agent ingests untrusted external content (market data) and performs sensitive financial operations (placing bets, bridging assets). This combination presents a HIGH risk tier as malicious instructions embedded in market data could manipulate the agent's logic to execute unauthorized transactions. Mandatory Evidence: (1) Ingestion Points: Polymarket market searches and odds checking. (2) Boundary Markers: None defined in documentation to separate untrusted data. (3) Capability Inventory: Scripted financial side effects including betting and asset bridging. (4) Sanitization: No input validation or filtering of external content described. Remediation: Use strict data schemas and enforce manual confirmation for transactions.
- No Code (INFO): No source code or executable scripts were provided; analysis is limited to the skill's documented behavior.
Recommendations
- AI detected serious security threats
Audit Metadata