Bankr Dev - Arbitrary Transactions

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill accepts untrusted, user-provided transaction data and interpolates it directly into the agent's execution context.
  • Ingestion points: The ArbitraryTx object properties (to, data, value, chainId) described in SKILL.md.
  • Boundary markers: Absent. The code embeds JSON.stringify(tx) directly into a natural-language command string with no delimiters, so field contents that survive validation are read as part of the instruction.
  • Capability inventory: High-impact ability to perform arbitrary transactions and contract calls on Ethereum, Polygon, Base, and Unichain via the execute capability.
  • Sanitization: Validation is limited to structural checks (an address regex for to, a hex-prefix check for data). These neither prevent instruction text from being smuggled through the embedded fields nor say anything about what the calldata does when executed; hostile but well-formed calldata passes unchanged.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 06:45 PM