blockchain-basics
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious behaviors, obfuscation, or persistence mechanisms were detected across the analyzed files.
- [EXTERNAL_DOWNLOADS] (SAFE): The automated scan flagged 'Account.re' as a malicious URL. Technical analysis of 'SKILL.md' confirms this is a false positive; the string is part of the Python call 'Account.recover_message' from the 'eth-account' library. The scanner erroneously identified the '.re' suffix (the Top Level Domain for Reunion) as a URL.
- [COMMAND_EXECUTION] (SAFE): The 'scripts/validate.py' script uses standard libraries to verify the presence of required files and the validity of YAML configurations. It correctly uses 'yaml.safe_load()' to prevent unsafe deserialization.
- [DATA_EXFILTRATION] (SAFE): No patterns for accessing sensitive local files or transmitting data to unauthorized external endpoints were found.
- [PROMPT_INJECTION] (SAFE): The instructions in 'SKILL.md' are strictly topical and educational, containing no override commands or bypass attempts.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata