smart-money-tracker
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and displays information from the public blockchain, which is an untrusted external source.
- Ingestion points: Data such as token symbols, names, and website links are fetched from the onchainos dex-token info and onchainos dex-market signal-list tools.
- Boundary markers: The skill uses markdown headers and tables to structure output, but it does not provide explicit instructions to the agent to ignore instructions that might be embedded in the retrieved metadata.
- Capability inventory: The skill provides the agent with the ability to execute CLI commands using the onchainos toolset.
- Sanitization: There is no evidence of sanitization or filtering of the external data strings before they are processed by the agent.
Audit Metadata