example-skill
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFE
Full Analysis
- Credentials Unsafe (MEDIUM): Both
examples/basic/example.tsandtemplates/setup.tsinclude aloadWalletfunction designed to read unencrypted Solana private keys from a file (defaulting to./keypair.json). This pattern is a security risk as it exposes sensitive credentials to the runtime environment and the agent.\n- Indirect Prompt Injection (LOW): The skill demonstrates a capability to read from the filesystem and environment variables without sanitization, creating a surface for indirect prompt injection if those inputs are controlled by an attacker.\n - Ingestion points: Environment variables (
SOLANA_RPC_URL,WALLET_PATH) and the local file system (viafs.readFileSync).\n - Boundary markers: Absent. The code does not use delimiters or instructions to ignore embedded commands in the data it processes.\n
- Capability inventory: The skill can read from the filesystem and perform network operations via the
@solana/web3.jslibrary.\n - Sanitization: Absent. Data from external sources (RPC, environment, files) is processed without validation or escaping.
Audit Metadata