web3-security-tooling
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. The skill instructions require the agent to fetch a resource list from an external, untrusted source which may contain hidden instructions.
- Ingestion points: Remote file
https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.mdreferenced inSKILL.md. - Boundary markers: None specified; the agent is not instructed to ignore embedded instructions in the external content.
- Capability inventory: The agent is tasked with organizing and updating a project's
README.md, which involves write operations to the local filesystem. - Sanitization: No sanitization or validation logic is defined for the fetched content.
- [EXTERNAL_DOWNLOADS] (LOW): The skill identifies an external GitHub repository (
gmh5225/awesome-web3-security) as a mandatory data source. This repository is not on the trusted sources list, posing a risk that the ingested data could be tampered with to exploit the agent's logic.
Audit Metadata