t2000-mcp
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @t2000/cli vendor package from the npm registry to provide core banking and MCP server capabilities.
- [COMMAND_EXECUTION]: Instructs the user to run CLI commands for wallet initialization, defining financial safeguards (e.g., maxPerTx), and launching the MCP server.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through tools that ingest external transaction history and service data.
- Ingestion points: Account snapshots, transaction history, and MPP service endpoints provided by the t2000 infrastructure (SKILL.md).
- Boundary markers: No specific delimiters or instruction-isolation warnings are specified for tool outputs.
- Capability inventory: Includes high-impact financial operations such as sending USDC, borrowing assets, and paying for services (SKILL.md).
- Sanitization: Uses mandatory financial limit configurations and dry-run support to provide human-in-the-loop validation and limit potential damage (SKILL.md).
Audit Metadata