check-lightning
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes standard Lightning Network CLI tools (lncli, lightning-cli) to retrieve node status, channel balances, and connectivity info. These operations are consistent with the skill's stated purpose of auditing node health.
- [DATA_EXPOSURE] (LOW): The skill accesses sensitive financial information, including wallet balances (walletbalance), channel liquidity, and payment history. While necessary for a financial audit, this data enters the agent's context and should be handled securely. No evidence of external exfiltration (e.g., via curl or wget) was found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes data from external sources, such as invoice memos and forwarding history, which could theoretically contain malicious instructions (Indirect Prompt Injection).
  - Ingestion points: lncli listinvoices, lncli fwdinghistory.
  - Boundary markers: Absent in the provided scripts.
  - Capability inventory: Shell command execution via lncli and lightning-cli.
  - Sanitization: No explicit sanitization or escaping of external strings is shown.
Audit Metadata