last30days

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data retrieved from Reddit and X. While this creates a potential surface for indirect prompt injection, the skill employs several mitigations.
      • Ingestion points: Untrusted data enters the agent context via research snippets and comments fetched in scripts/lib/openai_reddit.py and scripts/lib/xai_x.py.
      • Boundary markers: The skill uses structured JSON formatting for its internal data pipeline, which helps isolate external content from instructions.
      • Capability inventory: The skill is capable of executing shell commands (Node.js for wallet operations and Python for the research orchestrator), writing files to the local filesystem (output reports), and making outbound network requests to search proxies.
      • Sanitization: Content is truncated in scripts/lib/normalize.py and scripts/lib/websearch.py before being presented to the user, and the research prompts explicitly instruct the models to return only relevant, structured data.
  • [COMMAND_EXECUTION]: The skill's workflow involves the execution of a bundled JavaScript client (fluxa-cli.bundle.js) for wallet management and a Python script (last30days.py) for data synthesis. These operations are performed within the expected scope of the skill's research and payment functionality.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with vendor-managed API proxies (proxy-monetize.fluxapay.xyz, agentid.fluxapay.xyz) to facilitate paid research queries and payment mandates. These endpoints are consistent with the skill's stated purpose and author context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 10:01 AM