gate-info-addresstracker
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and presents untrusted data from the blockchain that could be manipulated by third parties.
- Ingestion points: The skill retrieves address labels, risk scores, and transaction metadata via MCP tools info_onchain_get_address_info, info_onchain_get_address_transactions, and info_onchain_trace_fund_flow as defined in SKILL.md.
- Boundary markers: The output is structured using Markdown templates, but the skill does not provide specific instructions to the agent to treat external strings as non-executable data or to ignore embedded commands.
- Capability inventory: The skill's capabilities are restricted to read-only information retrieval and report generation, which significantly limits the potential for harm from an injection.
- Sanitization: The documentation does not specify any sanitization, filtering, or escaping of external data strings before they are included in the generated reports.
Audit Metadata