flare-fdc
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified due to the skill's primary purpose of handling external data attestations.
  - Ingestion points: The skill guides users on processing `responseBody` and `response_hex` from FDC attestations, including arbitrary public Web2 content from the `Web2Json` type.
  - Boundary markers: The skill includes a dedicated "Security and usage considerations" section in `SKILL.md` that explicitly warns against passing external data into prompts or allowing it to influence agent behavior.
  - Capability inventory: This is an informational skill with no associated executable scripts or subprocess capabilities.
  - Sanitization: The documentation provides clear guidance to decode and use data only according to the documented format and expected ABI/schema.
- [SAFE]: References to external resources are limited to official vendor-controlled domains and repositories.
  - Trusted Sources: All GitHub references target `github.com/flare-foundation/` and documentation links target `dev.flare.network`.
  - Package Management: Mentions installation of the vendor-owned package `@flarenetwork/flare-wagmi-periphery-package`.
  - Credential Handling: References to environment variables like `VERIFIER_API_KEY_TESTNET` in `SKILL.md` use safe UUID placeholders (00000000-0000-0000-0000-000000000000).
Audit Metadata