endaoment
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches charity information and EIN metadata from the official Endaoment API (api.endaoment.org) to verify organization details.
- [EXTERNAL_DOWNLOADS]: Queries the Base network public RPC (mainnet.base.org) to verify contract deployment status and compute addresses.
- [COMMAND_EXECUTION]: Orchestrates transaction submission by calling a local blockchain utility script (bankr.sh) to handle wallet interactions.
- [PROMPT_INJECTION]: Processes external charity descriptions from the Endaoment API; data is formatted using jq before being displayed, which minimizes risks associated with indirect content ingestion.
Audit Metadata