Bankr Dev - Portfolio
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill utilizes untrusted user input to fetch sensitive financial information, creating a potential vector for manipulation.
  - Ingestion points: Variable placeholders like {chain} and {token} found in the prompt patterns in SKILL.md.
  - Boundary markers: There are no delimiters or explicit instructions to the agent to disregard instructions embedded within user variables.
  - Capability inventory: The skill has the capability to read total balances, token holdings, and valuations across Base, Polygon, Ethereum, Unichain, and Solana.
  - Sanitization: The provided documentation and code snippets do not include any validation or escaping mechanisms for the interpolated parameters.
Audit Metadata