grimoire-morpho-blue
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to run 'npx -y @grimoirelabs/cli', which downloads and executes a package from the npm registry. The '@grimoirelabs' organization is not included in the trusted source list, making this an unverifiable external dependency.
- COMMAND_EXECUTION (LOW): The skill relies on shell commands (grimoire, npx, bun). There is a potential risk of command injection if the agent interpolates unsanitized user-provided values like chain IDs or asset symbols into the command arguments.
- DATA_EXPOSURE (LOW): The skill uses an --rpc-url parameter which may contain sensitive API keys depending on the provider used.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes external data from blockchain providers. (1) Ingestion points: Output from 'vaults' and 'addresses' commands. (2) Boundary markers: Absent; the skill does not define delimiters for the external data. (3) Capability inventory: Subprocess execution via npx and bun. (4) Sanitization: Absent; the skill does not specify how to sanitize the metadata before it is used to generate transaction parameters.
Audit Metadata