gmgn-cooking
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it processes untrusted user input for token attributes, and that input is subsequently used in shell command arguments.
  - Ingestion points: User-provided values for token name, symbol, and description fields collected during the guided launch flow in SKILL.md.
  - Boundary markers: No specific boundary markers or instructions to treat user input as data rather than instructions are provided.
  - Capability inventory: The skill utilizes the gmgn-cli tool to perform financial operations and local signing on Solana, BSC, Base, ETH, and TON chains.
  - Sanitization: There is no evidence of input validation or sanitization of the user-provided strings before interpolation into shell commands.
- [COMMAND_EXECUTION]: The skill relies on constructing and executing shell commands using the gmgn-cli. The lack of input sanitization for user-provided parameters like token descriptions creates a risk of command injection.
- [EXTERNAL_DOWNLOADS]: The instructions guide the user to install the gmgn-cli utility from the global npm registry, which is a standard procedure for this vendor's tools.