polyhub_discover

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the bash tool to execute curl commands for all API interactions. While necessary for its purpose, executing shell commands is a powerful capability.
  • [EXTERNAL_DOWNLOADS]: Fetches data from an external API endpoint (polyhub.skill-test.bedev.hubble-rpc.xyz) to retrieve market tags, trader rankings, and statistics.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from an external API and uses it to perform multi-step analysis and make recommendations to the user.
      • Ingestion points: Data enters the agent context through several API endpoints including /api/v1/traders-v2/ and /api/v1/traders/by-address (SKILL.md).
      • Boundary markers: The instructions do not define delimiters or specific safety instructions for the agent when parsing the JSON responses from the API.
      • Capability inventory: The skill has the capability to execute shell commands via bash for network requests; no file system write or persistent execution capabilities were found.
      • Sanitization: There is no evidence of sanitization or validation of the API's content before the agent interprets it to identify 'smart money' or 'profitable traders'.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 08:51 AM