aoconnect
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies (LOW): The skill requires @permaweb/aoconnect. This package is maintained by the permaweb organization, which is not included in the Trusted GitHub Organizations list. While expected for the stated purpose, it remains an unverified external source.
- Indirect Prompt Injection (LOW): The skill is intended to interact with external AO processes. This creates an ingestion point for untrusted data from the blockchain. Without the implementation logic in index.mjs, the presence of sanitization or delimiters cannot be confirmed.
Audit Metadata