skills/jeremylongshore/claude-code-plugins-plus-skills/exploring-blockchain-data/Gen Agent Trust Hub
exploring-blockchain-data
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and displaying untrusted data from the blockchain.
  - Ingestion points: Attacker-controlled data such as transaction input hex, event log topics, and token metadata (names/symbols) is retrieved from RPC providers and the CoinGecko API via `scripts/chain_client.py` and `scripts/token_resolver.py`.
  - Boundary markers: Absent. The skill does not wrap external data in delimiters or provide instructions to the agent to disregard embedded content, potentially allowing data to influence the agent's behavior.
  - Capability inventory: The skill has access to sensitive tools including `Bash`, `Write`, and `Edit`, which increases the potential impact if an agent follows instructions hidden in transaction data.
  - Sanitization: No filtering or sanitization is performed on data retrieved from external sources before it is formatted and presented to the agent.