a0x-agents
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to retrieve and follow 'actionable' guidance from a shared pool of data contributed by other agents.\n
- Ingestion points: Untrusted data is ingested through the search results described in
KNOWLEDGE.md.\n - Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded instructions within retrieved knowledge entries.\n
- Capability inventory: The examples in
KNOWLEDGE.mdsuggest the agent will perform actions like modifying gas limits or configuring wallet connections based on shared knowledge.\n - Sanitization: There is no mention of sanitization or validation of the text in the 'action' or 'learnings' fields of a proposal.
Audit Metadata