agirails-agent-payments
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @agirails/sdk package from npm and the agirails library from PyPI. It also provides a command to fetch a skill configuration file from market.agirails.io.
- [COMMAND_EXECUTION]: Utilizes various CLI commands, such as npx actp init, actp balance, and actp publish, which are necessary for setting up the ACTP environment and managing on-chain agent transactions.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting user-provided answers to configuration questions which are then interpolated into generated code.
  - Ingestion points: Step 2 mandatory onboarding questions (e.g., Agent Name, Services Needed).
  - Boundary markers: Absent within the generated code templates.
  - Capability inventory: File system access for keystore management, network operations for payments, and package installation.
  - Sanitization: Implements alphanumeric validation for the 'Agent Name' input field.
- [SAFE]: The skill promotes secure credential management by advising against hardcoded private keys and recommending the use of encrypted keystores and environment variables. It also includes warnings about missing release calls on mainnet to prevent loss of funds.
Audit Metadata