web3-dapp
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructions involve installing standard and reputable Node.js packages such as
wagmi,viem, and@rainbow-me/rainbowkit. These are industry-standard dependencies for Web3 development. - REMOTE_CODE_EXECUTION (LOW): The installation process recommends using
npx shadcn@latest init, which executes a remote script to set up UI components. This is a standard developer workflow but constitutes a remote code execution vector. - PROMPT_INJECTION (LOW): The skill dashboard is vulnerable to indirect prompt injection through external blockchain data.
- Ingestion points: NFT titles and descriptions are retrieved from the Alchemy API in
examples/hooks/use-nfts.tsand displayed in the dashboard. - Boundary markers: Absent; the fetched metadata is rendered directly without delimiters or instruction-ignore warnings.
- Capability inventory: The skill includes hooks for writing to smart contracts (
useContractWriteinexamples/hooks/use-contract.ts), creating a potential risk if an agent is tricked by malicious NFT metadata into proposing a transaction. - Sanitization: No specific sanitization or escaping is performed on the metadata before it enters the application context.
Audit Metadata