Bankr Dev - Transfers

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Prompt Injection (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) because it facilitates high-privilege financial actions using data derived from external sources.
  • Ingestion points: The {recipient}, {amount}, and {token} fields in SKILL.md accept untrusted natural language input.
  • Boundary markers: Absent; the usage examples demonstrate passing unformatted strings directly to the execution engine without delimiters.
  • Capability inventory: The skill possesses the capability to execute token transfers on multiple chains (Ethereum, Solana, etc.), which is a high-impact side effect.
  • Sanitization: No sanitization or validation logic is documented for social handles or ENS names, which could contain embedded malicious instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 06:46 PM