Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/analyzing-mempool/Gen Agent Trust Hub

analyzing-mempool

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by ingesting and displaying untrusted data from the Ethereum mempool.
  • Ingestion points: The rpc_client.py script fetches pending transaction fields such as input_data, from_address, and to_address from external blockchain RPC endpoints.
  • Boundary markers: The skill does not use delimiters or instructions to the agent to ignore potentially malicious content embedded within the transaction data when presenting results via formatters.py.
  • Capability inventory: According to SKILL.md, the agent has access to Bash, Read, Write, Edit, Grep, and Glob tools, which could be exploited if an injected instruction is followed.
  • Sanitization: While tx_decoder.py attempts to decode hex data into method names, it does not sanitize the resulting strings or the raw input data before it is printed to the console and read by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 09:29 PM