fix-bitcoin
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): Executes bitcoin-cli to perform sensitive financial operations like transaction signing and daemon management.
- [DATA_EXFILTRATION] (LOW): Accesses sensitive Bitcoin configuration files and wallet backups. While necessary for the skill's function, this presents a risk of private key exposure if the environment is not secured.
- [PROMPT_INJECTION] (LOW): Exposed to Indirect Prompt Injection (Category 8). 1. Ingestion points: Processes data from the check-bitcoin command and blockchain outputs. 2. Boundary markers: Absent; instructions and tool data are not delimited. 3. Capability inventory: Significant, including the ability to transfer funds and modify node configurations. 4. Sanitization: None; output from external commands is ingested directly into the agent context.
Audit Metadata