ens-primary-name

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The shell scripts scripts/set-avatar.sh and scripts/set-primary.sh are vulnerable to injection attacks. They construct Node.js commands by directly interpolating shell variables like $ENS_NAME and $AVATAR_URL into code strings executed via node -e. An attacker can provide a crafted ENS name containing single quotes to break out of the JavaScript string and execute arbitrary commands.
  • [REMOTE_CODE_EXECUTION]: The injection vulnerability in the script generation logic allows for arbitrary JavaScript execution. This can be exploited to compromise the local system, access sensitive environment variables (such as the documented THIRDWEB_SECRET_KEY), or maliciously alter the transaction data before it is passed to the bankr CLI for signing.
  • [EXTERNAL_DOWNLOADS]: The skill requires the global installation of @bankr/cli and the viem library. While these are legitimate tools from the vendor and the Ethereum community, the skill's lack of input validation makes the environment where these tools operate highly susceptible to exploitation.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 26, 2026, 03:12 AM