Skills
skills/hairyf/blockchain-master/mempool/Gen Agent Trust Hub

mempool

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill enables the ingestion of untrusted external data from the Bitcoin and Liquid blockchains, which creates a potential surface for indirect prompt injection where an attacker could embed instructions in transaction data (e.g., OP_RETURN) to influence agent behavior.
  • Ingestion points: Transaction details and block data retrieved via endpoints such as /api/v1/tx/:txId and /api/v1/address/:address/txs.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the references.
  • Capability inventory: The skill allows reading sensitive chain state and broadcasting transactions via POST /api/v1/tx.
  • Sanitization: The provided documentation does not outline any sanitization or validation of the data returned by the API before processing.
  • [NO_CODE]: The skill consists entirely of markdown documentation and contains no executable code, scripts, or installation binaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 09:46 PM