NYC

erc-8004

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill fetches data from external IPFS and HTTPS sources.
      • scripts/get-agent.sh retrieves agent profile JSON from IPFS gateways (gateway.pinata.cloud, ipfs.io) or user-defined HTTPS URLs found on-chain.
  • COMMAND_EXECUTION (LOW): The skill executes blockchain transactions and data encoding scripts.
      • Multiple scripts use the bankr CLI to prompt the user for transaction signing and submission.
      • node -e is used throughout the scripts to perform hex encoding and decoding for Ethereum ABI parameters.
  • PROMPT_INJECTION (LOW): A surface for indirect prompt injection exists when the skill fetches untrusted agent profiles.
      • Ingestion points: scripts/get-agent.sh (fetches remote JSON profiles).
      • Boundary markers: Absent; the raw or jq-parsed JSON is output to the agent context.
      • Capability inventory: Significant; the agent can trigger ETH bridging and on-chain registration transactions.
      • Sanitization: Partial; the script validates that the URI starts with ipfs:// or https:// before fetching, but does not sanitize the returned JSON content.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:31 PM