awesome-web3-security-overview
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill fetches content from a third-party GitHub repository (gmh5225/awesome-web3-security). This source is not on the trusted organizations list. While the content is markdown, fetching from untrusted external sources is a potential vector for data poisoning.
- [PROMPT_INJECTION] (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8). * Ingestion points: The agent is instructed to fetch and process the full README.md from a remote URL. * Boundary markers: There are no instructions to use delimiters or ignore instructions embedded within the fetched data. * Capability inventory: The skill is intended to maintain and organize the project files, implying capabilities to read and modify the local file system or repository. * Sanitization: No sanitization or validation of the remote data is performed before processing.
Audit Metadata