emblem-ai
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The 'reflexive' tool provides functionality for shell command execution and file modification. These features are documented as opt-in capabilities for developers that require explicit configuration via '--shell' and '--write' flags to be activated.
- [PROMPT_INJECTION]: The skill involves processing untrusted external data including blockchain project metadata (Migrate.fun) and application runtime data (logs and files) via the Reflexive tool. This establishes a surface for indirect prompt injection. Ingestion points include the Migrate.fun metadata API and application environment files. While the documentation warns developers to treat this data as untrusted, no specific boundary markers are defined in the provided snippets. The agent's capabilities when processing this data include transaction signing and local file system access.
- [EXTERNAL_DOWNLOADS]: The documentation specifies the installation of various NPM packages from the '@emblemvault' organization and the 'reflexive' package. These are recognized as official vendor resources for authentication and application debugging.
- [NO_CODE]: The skill package is composed entirely of Markdown documentation and reference materials, with no executable scripts, binaries, or configuration files included directly in the repository.
Audit Metadata