arweave
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill requires access to Arweave JWK wallet files containing private keys to sign transactions. While necessary for its core functionality, this involves handling highly sensitive cryptographic credentials.
- [PROMPT_INJECTION]: The query command processes untrusted data from the Arweave blockchain, creating an indirect prompt injection surface.
- Ingestion points: GraphQL query results from arweave.net and goldsky.com indexers.
- Boundary markers: Explicit instructions are provided to the agent to treat data as untrusted and avoid auto-execution.
- Capability inventory: Executes subprocesses via Node.js for file uploads and ArNS updates.
- Sanitization: Relies on agent-side logic and user confirmation checkpoints.
- [COMMAND_EXECUTION]: Spawns local Node.js processes to execute the skill's logic located in the index.mjs file.
Audit Metadata