bnbchain-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npx @bnb-chain/mcp@latestto dynamically load and run the Model Context Protocol server. This package is managed by the official bnb-chain organization and is considered a trusted vendor resource.\n- [REMOTE_CODE_EXECUTION]: The skill invokesnpxto download and execute code from the npm registry at runtime. Since the source is the official bnb-chain vendor, this is a standard and safe deployment method.\n- [COMMAND_EXECUTION]: The server is started using thenpxcommand to initialize the MCP environment.\n- [CREDENTIALS_UNSAFE]: The documentation provides safe guidance for managing aPRIVATE_KEYvia environment variables, correctly advising against hardcoding or exposure in logs.\n- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by reading data from the blockchain.\n - Ingestion points: Tools such as
get_transaction,read_contract, andgnfd_download_objectingest data from external sources.\n - Boundary markers: No explicit delimiters are used for processed data.\n
- Capability inventory: The skill includes sensitive operations such as
transfer_native_token,write_contract, and local file system access via Greenfield tools.\n - Sanitization: Not explicitly documented; however, the skill mandates user confirmation and network selection for all state-changing operations, significantly mitigating the risk.
Audit Metadata