token-scam-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to dynamically generate and execute Node.js scripts using the
execute_clitool. These scripts facilitate advanced on-chain analysis through theviemlibrary, including batch balance checks and bytecode analysis to identify smart-wallet proxies. - [PROMPT_INJECTION]: The analysis process ingests untrusted data from multiple external sources, such as blockchain metadata, social media sentiment, and third-party documentation. This ingestion creates an attack surface for indirect prompt injection, where malicious content embedded in the analyzed data could attempt to subvert the agent's reasoning or verdict.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the
viemNode.js package for blockchain interactions. This is a well-known, industry-standard library maintained by reputable contributors, and its use is consistent with the skill's technical requirements.
Audit Metadata