hydric-token-baskets-user
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill references data from cdn.jsdelivr.net and the hydric-org/token-baskets GitHub repository. This organization is not among the trusted entities defined in the security policy, making the data source unverifiable.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill is designed to process external JSON data. Ingestion points: External basket JSON files containing name and description fields. Boundary markers: None are defined to isolate untrusted text from agent instructions. Capability inventory: The skill provides logic for network requests and address verification but lacks high-risk command execution capabilities. Sanitization: No sanitization is performed on text fields; only address strings are normalized to lowercase.
Audit Metadata