injective-cli
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of the official
injectivedbinary to perform blockchain operations such as querying state and broadcasting transactions. - [DATA_EXFILTRATION]: The skill references standard sensitive local file paths (e.g.,
~/.injectived/keystore_password.txt) for account management. This is documented as the standard procedure for the official Injective CLI and is used for local authentication, with no indication of unauthorized external transmission. - [COMMAND_EXECUTION]: A utility script
scripts/map_injectived_cli.pyuses the Pythonsubprocessmodule to programmatically discover CLI subcommands by runninginjectived --help. The script uses a list-based command execution approach which prevents shell injection vulnerabilities.
Audit Metadata