zerion
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE / EXTERNAL_DOWNLOADS / COMMAND_EXECUTION / PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install external packages from NPM, specifically zerion-cli, zerion-mcp-server, and @zerion/x402. These tools are provided by Zerion, a well-known service in the blockchain industry.
- [COMMAND_EXECUTION]: The skill demonstrates and encourages the execution of shell commands, including zerion-cli, curl, and jq, to retrieve and process wallet and market data.
- [PROMPT_INJECTION]: The skill is designed to process untrusted external data from blockchain networks, such as transaction history and NFT metadata. This data is attacker-controllable and could contain malicious instructions intended to influence the agent's behavior.
  - Ingestion points: Wallet transaction details and NFT metadata retrieved via the Zerion API (referenced in SKILL.md and api-reference.md).
  - Boundary markers: The documentation and examples do not provide explicit delimiters or instructions to the agent to ignore embedded commands within the processed data.
  - Capability inventory: The skill documentation focuses on integration with the bankr tool, which has the capability to execute financial transactions like swaps and setting stop-losses.
  - Sanitization: No sanitization or validation steps are mentioned for the content of the blockchain data before it is presented to the agent.
Audit Metadata