skills/tempoxyz/docs/tempo-docs/Gen Agent Trust Hub

tempo-docs

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUM
Categories: CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file src/lib/private-zones.ts contains hardcoded basic authentication credentials (eng:bold-raman-silly-torvalds) used for accessing the Tempo testnet 'Zone A' and 'Zone B' RPC endpoints.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process external technical data.
      • Ingestion points: The skill uses mcp__tempo_mcp__read_page and mcp__tempo_mcp__read_source_file to read technical documentation and implementations from external repositories.
      • Boundary markers: Instructions in SKILL.md do not utilize delimiters or warnings to prevent the agent from obeying instructions embedded in the documentation or source files.
      • Capability inventory: The skill can perform network requests via read_web_page (documented in SKILL.md) and read arbitrary files from project-defined technical sources.
      • Sanitization: Content retrieved from documentation and source repositories is not explicitly sanitized before being presented to the agent context.
  • [EXTERNAL_DOWNLOADS]: The package.json file includes a dependency for vocs sourced from a non-standard package registry (https://pkg.pr.new/wevm/vocs@2fb25c2). Additionally, vite.config.ts includes a plugin that fetches documentation TIPs from a GitHub repository at build time.
  • [COMMAND_EXECUTION]: Technical analysis and build scripts, such as scripts/bundle-diff.ts, execute shell commands like pnpm build via execSync.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 6, 2026, 07:19 AM