Skills
skills/mission69b/t2000-skills/t2000-send/Gen Agent Trust Hub

t2000-send

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the @t2000/cli package, which is fetched from the npm registry and initialized via npx as specified in the metadata.
  • [COMMAND_EXECUTION]: The skill executes the t2000 command-line tool to process transactions, passing user-provided parameters directly to the shell.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the lack of sanitization for user-provided data. 1. Ingestion points: and <address_or_contact> variables. 2. Boundary markers: Absent; user input is interpolated directly into the command string. 3. Capability inventory: Execution of the t2000 CLI tool. 4. Sanitization: No explicit escaping or validation of recipient addresses or contact names is provided in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 08:03 AM