analyzing-mempool
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches real-time blockchain data from well-known and trusted RPC providers including LlamaNodes, Polygon, Arbitrum, Optimism, and Base to monitor mempool activity.
- [PROMPT_INJECTION]: The skill exposes a potential surface for indirect prompt injection by processing untrusted transaction data from the public blockchain mempool.
  - Ingestion points: Pending transaction data (hashes, addresses, and input data) is fetched from the network via RPC methods in rpc_client.py.
  - Boundary markers: The analysis output does not utilize explicit delimiters or safety instructions to prevent the agent from obeying instructions embedded in transaction data.
  - Capability inventory: The skill provides capabilities for reading/writing files and executing its own Python analysis scripts via Bash.
  - Sanitization: The skill performs address truncation and method signature matching in tx_decoder.py, but it does not filter or sanitize the payload of transactions for potential natural language instructions.
Audit Metadata