contract-learner
Fail
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches contract ABI data and metadata from Etherscan's official API, a well-known and standard service for blockchain data.
- [REMOTE_CODE_EXECUTION]: Recommends installing the Foundry development suite using a piped shell command (`curl -L https://foundry.paradigm.xyz | bash`). While this is a common practice for this well-known service, it involves executing a script from a remote source.
- [COMMAND_EXECUTION]: Utilizes the `cast` command-line utility to perform blockchain read calls and interface generation, which is necessary for its primary function.
- [PROMPT_INJECTION]: Contains an indirect prompt injection surface.
  - Ingestion points: ABI and metadata strings are retrieved via `cast interface` and `curl` within `SKILL.md`.
  - Boundary markers: The generated file uses standard markdown structure but lacks specific delimiters or guardrail instructions to prevent the agent from obeying instructions potentially hidden within contract function names.
  - Capability inventory: The generated output grants the agent capabilities to execute transactions via `keypo-wallet send` and query the blockchain via `cast call`.
  - Sanitization: The skill does not explicitly sanitize or validate the content of the retrieved ABI before embedding it into the new instruction file.
Recommendations
- HIGH: Downloads and executes remote code from: https://foundry.paradigm.xyz - DO NOT USE without thorough review
Audit Metadata