Skills
skills/moonpay/skills/moonpay-swap-tokens/Gen Agent Trust Hub

moonpay-swap-tokens

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill depends on the execution of the 'mp' (MoonPay) command-line utility. The safety of the operation depends on the integrity and correct installation of this tool in the host environment.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8). It instructs the agent to interpolate user-provided parameters such as wallet names, chain identifiers, and blockchain token addresses directly into shell command templates.
  • Ingestion points: Parameters like '--wallet', '--chain', '--from-token', and '--from-amount' in the SKILL.md file.
  • Boundary markers: The skill lacks explicit instructions or markers to sanitize or validate user input before placing it into the CLI commands.
  • Capability inventory: The skill has the capability to execute system commands through the 'mp' CLI to perform financial transactions.
  • Sanitization: No sanitization logic or validation steps for external input are documented within the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 10:25 PM