analyzing-on-chain-data
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUM
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions (SKILL.md) direct the agent to use the Read tool on a configuration file containing API credentials (config/crypto-apis.env). Access to files with sensitive patterns like .env poses a risk of exposure if the agent is manipulated into revealing the content.
- [EXTERNAL_DOWNLOADS]: Fetches metrics and market data from well-known technology services including DeFiLlama (api.llama.fi) and CoinGecko (api.coingecko.com).
- [COMMAND_EXECUTION]: Employs a namespaced bash tool (crypto:onchain-*) for running the provided Python-based analytics CLI, providing isolation for command execution.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external APIs (data_fetcher.py). The processing logic has no boundary markers and no sanitization. The capability inventory includes bash execution (SKILL.md) and file system access (SKILL.md).