Skills
skills/lit-protocol/skills/lit-protocol-flows/Gen Agent Trust Hub

lit-protocol-flows

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads the @lit-protocol/flows package from the npm registry using npx -y for CLI operations.
  • [COMMAND_EXECUTION]: Utilizes various shell commands to manage the development lifecycle, including login, publish, invoke, and secrets management.
  • [DATA_EXFILTRATION]: The publish command uploads local JavaScript files to Lit Protocol's remote TEE infrastructure. This is the intended behavior for deploying functions to the platform.
  • [REMOTE_CODE_EXECUTION]: Triggering functions via the invoke command or HTTP API calls results in JavaScript execution within Lit Protocol's remote TEE environment.
  • [CREDENTIALS_UNSAFE]: Provides mechanisms for managing API keys and encrypted secrets. The instructions include placeholders for tokens and demonstrate setting secrets specifically for the TEE environment.
  • [PROMPT_INJECTION]: The skill processes untrusted user input via the params object during flow invocation.
  • Ingestion points: User-supplied input in the --params flag or HTTP request body flows into the params global variable in the TEE.
  • Boundary markers: None identified in the provided documentation.
  • Capability inventory: The TEE environment provides access to fetch, ethers, and Lit.Actions for blockchain and network operations.
  • Sanitization: No explicit sanitization or validation of the input parameters is described in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 04:48 PM