emblemai-crypto-wallet
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of external software components, specifically the
@emblemvault/agentwalletpackage from NPM and skill modules from theEmblemCompany/Agent-skillsrepository on GitHub. - [COMMAND_EXECUTION]: Provides capabilities to execute token swaps and transfers on various blockchains, which are performed via POST requests to the
api.agenthustle.aibackend. The setup process also involves command-line execution for package installation. - [DATA_EXFILTRATION]: Transmits user-provided blockchain addresses and transaction parameters to an external API (
api.agenthustle.ai) to perform balance checks and financial operations. These network requests target domains associated with the skill's primary functionality. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes data from external, untrusted sources such as blockchain token metadata and API responses. Maliciously crafted content within these sources could potentially influence the agent's behavior during transaction execution.
- Ingestion points: Data retrieved from
GET /token/{chain}/{contract}andGET /portfolio/{address}. - Boundary markers: The skill lacks explicit instructions or delimiters to isolate untrusted data from the core system prompt.
- Capability inventory: Possesses significant capabilities including executing token swaps (
POST /swap) and transfers (POST /transfer). - Sanitization: Although it suggests using 'rugcheck' for contract verification, this does not prevent instructions embedded in token names or other metadata from being interpreted by the model.
Audit Metadata