openfort
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to the official Openfort API at
https://www.openfort.io/api/mcpto retrieve documentation and metadata for its source code repositories. - [COMMAND_EXECUTION]: The skill exposes the
openfortcommand-line interface as a local MCP server, providing the agent with tools to manage accounts and execute on-chain transactions. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads external documentation and code which then informs the agent's use of powerful CLI tools.
- Ingestion points: External data enters the context via the
mcp__openfort-docs__read_pageandmcp__openfort-docs__read_source_filetools. - Boundary markers: No specific delimiters or instructions to ignore embedded content are defined in the skill documentation.
- Capability inventory: The agent can perform sensitive blockchain operations using the
@openfort/clisuite. - Sanitization: The skill does not implement explicit validation or sanitization for the content retrieved from external sources.
Audit Metadata