Skills
skills/technophile-04/ethereum-app-skill/ethereum-app-builder/Gen Agent Trust Hub

ethereum-app-builder

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill executes npx create-eth@latest, which downloads and runs code from the npm registry. The package create-eth is not maintained by a verified trusted organization listed in the security policy.
  • REMOTE_CODE_EXECUTION (MEDIUM): The use of npx to download and immediately execute a remote package allows for unvetted code execution on the host system.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill is instructed to fetch and use reference skills from an untrusted GitHub repository (technophile-04/ethereum-app-skill). This introduces a supply chain vulnerability where the agent's behavior can be altered by updates to the remote repository.
  • PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface by treating the AGENTS.md file (produced by the scaffolding tool) and third-party remote skills as 'sources of truth'.
  • Ingestion points: <project-name>/AGENTS.md and technophile-04/ethereum-app-skill/main/skills/ponder/SKILL.md.
  • Boundary markers: None present; the agent is told to follow the instructions 'strictly' and treat them as the 'source of truth'.
  • Capability inventory: Subprocess execution via npx and potentially other commands defined in the fetched skills.
  • Sanitization: None observed.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 20, 2026, 09:21 AM