gate-exchange-assets

Warn

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The setup.sh script uses sudo to install the gate-cli binary into /usr/local/bin if the user-local installation fails.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the gate-cli binary and checksums from github.com/gate/gate-cli during the setup process.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from the Gate Exchange API.
      * Ingestion points: Data returned from gate-cli asset and account book commands.
      * Boundary markers: No explicit delimiters are used to isolate API data in the output templates.
      * Capability inventory: Shell command execution via gate-cli and setup.sh.
      * Sanitization: No explicit validation or escaping of API content before interpolation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 26, 2026, 03:51 PM