Skills
skills/moonpay/skills/moonpay-trading-automation/Gen Agent Trust Hub

moonpay-trading-automation

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to create persistent shell scripts and schedule them using system task managers (crontab for Linux and launchd for macOS) to automate financial transactions.
  • [PROMPT_INJECTION]: The skill establishes an attack surface for indirect prompt injection by interpolating user-provided data such as token addresses, amounts, and wallet names directly into generated shell scripts.
  • Ingestion points: User-supplied parameters for trading strategy configuration.
  • Boundary markers: None present.
  • Capability inventory: File system writes, crontab and launchctl modification, and execution of the MoonPay CLI (mp).
  • Sanitization: The instructions do not define validation or escaping procedures for user inputs before they are interpolated into executable shell scripts.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 25, 2026, 04:57 PM