auditing-wallet-security
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a potential indirect prompt injection surface because it presents metadata from untrusted external sources directly to the agent.
- Ingestion points: Metadata including contract names, spender names, and transaction method descriptions are retrieved from external block explorer APIs (e.g., Etherscan) and blockchain RPC providers in scripts/approval_scanner.py and scripts/tx_analyzer.py.
- Boundary markers: The skill does not use explicit delimiters or instructions to warn the agent about potentially malicious content in the external metadata.
- Capability inventory: The agent has access to Bash, Write, and Edit tools, which could be misused if the agent is influenced by injected instructions.
- Sanitization: No sanitization or validation of the retrieved external metadata is performed before it is displayed in the audit reports.
Audit Metadata