depin-infrastructure-fetcher
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [Prompt Injection] (LOW): The skill ingests untrusted data from external domains (depinscan.io, messari.io, helium.io) and through general web search tools. Evidence:
  1. Ingestion Points: WebFetch and WebSearch tools in SKILL.md.
  2. Boundary Markers: Instructions in SKILL.md mandate validating all external data against a schema.
  3. Capability Inventory: Permission to read local files, use web tools, and write to a todo list.
  4. Sanitization: The skill implements schema validation for external data and sanitizes location queries.
- [External Downloads] (SAFE): The skill uses WebFetch to access specific external domains (helium.io, messari.io, depinscan.io). This is required for its intended purpose of retrieving DePIN metrics and does not involve downloading or executing untrusted code.
- [Command Execution] (SAFE): The skill executes a local script (fetch-depin-data.ts) using npx tsx. This is a standard and safe method for skill implementation when working with local project files.
Audit Metadata