stellar-skills
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill recommends the installation of several external packages and tools, including
@stellar/stellar-sdk,@creit.tech/stellar-wallets-kit, andscout-audit. These are not hosted by organizations on the Trusted GitHub Organizations list, making them 'unverifiable dependencies' according to the security framework. - COMMAND_EXECUTION (LOW): The skill provides bash command examples for using the
stellar CLIto build and deploy contracts. These are intended for user reference rather than automated agent execution, but they represent an interface with the host system. - SAFE (SAFE): All network endpoints (e.g., horizon.stellar.org) are standard public infrastructure for the blockchain. No evidence of obfuscation, credential exposure, or prompt injection was found.
Audit Metadata