0g-compute
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches market pricing for the 0G token from CoinGecko's public API within
scripts/0g-price-compare.sh.\n- [EXTERNAL_DOWNLOADS]: Retrieves model metadata and pricing from OpenRouter's public API to facilitate comparison inscripts/0g-price-compare.sh.\n- [COMMAND_EXECUTION]: Uses the@0glabs/0g-compute-clitool to interact with the decentralized compute network and perform hardware attestation checks.\n- [COMMAND_EXECUTION]: Executes an embedded Python script inscripts/0g-price-compare.shto process price data and generate a comparison table.\n- [PROMPT_INJECTION]: Indirect injection surface identified inscripts/0g-price-compare.shthrough ingestion of external pricing data.\n - Ingestion points:
scripts/0g-price-compare.sh(external API calls to CoinGecko and OpenRouter).\n - Boundary markers: Not implemented for console-bound comparison results.\n
- Capability inventory: Subprocess calls to
0g-compute-cliandpython3, network operations viacurl, and temporary file creation withmktempinscripts/0g-price-compare.sh.\n - Sanitization: Employs JSON parsing and explicit float conversion for price data validation.
Audit Metadata