endaoment
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches charity organization metadata from 'api.endaoment.org' and retrieves blockchain state from the official Base RPC endpoint ('mainnet.base.org'). These network operations are strictly limited to the skill's primary function and target well-known, service-specific infrastructure.
- [COMMAND_EXECUTION]: The skill executes the 'bankr' CLI tool to handle transaction signing via the 'bankr prompt' command. This is a standard and safe way for the agent to interact with the user's wallet, as it requires manual confirmation for any submitted transactions.
- [DATA_EXFILTRATION]: No access to sensitive local files (such as SSH keys, AWS credentials, or environment variables) was detected. The scripts only process charity EINs and donation amounts provided as inputs.
Audit Metadata