evm-swiss-knife
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The installation instructions include the command `curl -L https://foundry.paradigm.xyz | bash`, which downloads and executes a script from an untrusted external source directly in the user's shell. This is a primary vector for malware installation and system compromise.
- EXTERNAL_DOWNLOADS (HIGH): The skill relies on downloading and executing software from `foundry.paradigm.xyz` and referencing `getfoundry.sh`, neither of which is within the predefined trusted sources list.
- CREDENTIALS_UNSAFE (HIGH): The documentation provides examples such as `cast send --private-key <pk>`, which encourage users to pass sensitive blockchain private keys as plaintext command-line arguments. This risk leads to credential exposure in shell history files (`.bash_history`), process monitoring tools, and system logs.
- COMMAND_EXECUTION (MEDIUM): The skill is designed to generate and execute complex shell commands (`cast`) based on user-provided inputs like RPC URLs and contract addresses, posing a risk of command injection if parameters are not strictly validated.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes external data from `https://chainlist.org/rpcs.json`.
  - Ingestion points: Fetched via `curl` and parsed with `jq` in `SKILL.md`.
  - Boundary markers: Absent; the skill trusts the structure and content of the external JSON.
  - Capability inventory: Use of `cast` for transactions and network exploration.
  - Sanitization: None; if the external RPC list is compromised, an attacker could inject malicious RPC endpoints that return fraudulent data to the agent.
Recommendations
- HIGH: Downloads and executes remote code from: https://foundry.paradigm.xyz - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata