rehypothecation-hook
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an architectural vulnerability to indirect prompt injection because it incorporates untrusted data from blockchain contract states and user-provided asset addresses.
  - Ingestion points: Asset addresses and task-specific parameters extracted from external inputs.
  - Boundary markers: No delimiters or instructions are present to prevent the agent from following commands embedded in external data.
  - Capability inventory: The skill facilitates administrative blockchain operations, specifically setFeeDistribution, collectFees, and claimAirlockOwnerFees.
  - Sanitization: The skill lacks validation or sanitization routines for data retrieved from the DopplerHookInitializer or contract state.
- [EXTERNAL_DOWNLOADS]: The skill references source code and deployment data from the Doppler GitHub repository for configuration and verification purposes.
Audit Metadata