byreal-cli
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the `byreal-cli` binary to perform blockchain operations, manage wallets, and query DEX metadata.
- [EXTERNAL_DOWNLOADS]: The skill installs the `@byreal-io/byreal-cli` package globally via npm. It also includes an update mechanism through the `byreal-cli update install` command. These resources originate from the vendor.
- [DATA_EXFILTRATION]: The skill accesses sensitive local file paths at `~/.config/byreal/keys/` for managing Solana private keys. While the instructions emphasize local storage and restrictive file permissions (0600), accessing the wallet configuration is a high-privilege operation.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from processed data.
  - Ingestion points: Data retrieved via `byreal-cli skill`, `byreal-cli catalog list`, and blockchain-sourced token or pool metadata.
  - Boundary markers: Absent; no delimiters or warnings are used to separate tool output from agent instructions.
  - Capability inventory: Includes shell command execution, global package installation, and sensitive file system access.
  - Sanitization: No explicit sanitization or validation of external tool output or on-chain data is defined.
Audit Metadata