t2000-send
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation specifies a dependency on the @t2000/cli package via npx. This source is not verified as a trusted vendor and does not match the known patterns for the stated author mission69b.
- [COMMAND_EXECUTION]: The skill invokes the t2000 command-line utility to perform financial operations. This tool is granted significant access to the agent's environment and wallet reserves to execute transfers.
- [REMOTE_CODE_EXECUTION]: The initialization instruction npx @t2000/cli init fetches and executes code from a remote registry at runtime, which allows for arbitrary execution of the package contents.
- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection because it ingests untrusted parameters (amount, asset, and address) and interpolates them into shell commands without visible sanitization or boundary markers.
Audit Metadata