trade
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill uses 'npx awal@latest' which fetches the 'awal' package from the public npm registry during tool invocation. This introduces a supply chain risk as the package is not from a trusted organization and lacks version pinning.
- [REMOTE_CODE_EXECUTION] (MEDIUM): Running 'npx' involves downloading and executing remote JavaScript code. If the 'awal' package is compromised on the registry, it could lead to arbitrary code execution on the host system.
- [COMMAND_EXECUTION] (LOW): The skill is designed to execute bash commands for financial transactions. While this is the primary purpose, it creates a surface for command-line interactions that should be strictly monitored for argument injection.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill interpolates user-provided data into a shell command.
- Ingestion points: '', '', and '' arguments are derived from user input.
- Boundary markers: None identified in the provided command syntax.
- Capability inventory: Access to 'Bash' with 'npx' execution capabilities.
- Sanitization: No explicit sanitization or validation of inputs is described beyond a recommendation to single-quote amounts.
Audit Metadata