Skills
skills/franalgaba/grimoire/grimoire-pendle/Gen Agent Trust Hub

grimoire-pendle

Warn

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill suggests using npx -y @grimoirelabs/cli and mentions @grimoirelabs/venues. These packages are downloaded from the npm registry at runtime. Since the '@grimoirelabs' organization is not in the list of trusted sources, this introduces a supply-chain risk where malicious code could be introduced via the external package.
  • [COMMAND_EXECUTION] (LOW): The skill performs shell command execution using the grimoire CLI and npx. This is functional but provides a surface for command injection if user inputs (like RPC URLs) are not properly sanitized by the underlying agent.
  • [INDIRECT_PROMPT_INJECTION] (LOW):
  • Ingestion points: The skill fetches metadata from the external API endpoint https://api-v2.pendle.finance/core.
  • Boundary markers: Absent; there are no instructions to delimit or ignore instructions embedded within the fetched metadata.
  • Capability inventory: The skill has the ability to execute shell commands and fetch data from the network.
  • Sanitization: Absent; the skill does not explicitly describe any sanitization or validation of the remote API response before it is used by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 21, 2026, 04:24 PM