agentcast
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to track Farcaster casts and on-chain transactions in real time, creating an indirect prompt injection attack surface. * Ingestion points: External Farcaster social feeds and Base network transaction metadata. * Boundary markers: Documentation does not mention delimiters or instructions to ignore embedded commands in processed data. * Capability inventory: The skill utilizes a CLI script (register-erc8004.mjs) for on-chain registration. * Sanitization: No sanitization or validation logic for external data is described.
- [EXTERNAL_DOWNLOADS]: The documentation references an external tool for account creation located at github.com/rishavmukherji/farcaster-agent, which is a third-party repository not included in the trusted vendor list.
Audit Metadata