Skills
skills/tempoxyz/wallet/tempo/Gen Agent Trust Hub

tempo

Fail

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The setup instructions in SKILL.md and README.md direct the user to install the software using curl -fsSL https://tempo.xyz/install | bash. While this originates from the vendor's domain (tempo.xyz belonging to tempoxyz), piping remote scripts directly into a shell is a high-risk execution pattern.
  • [PROMPT_INJECTION]: SKILL.md contains instructions that attempt to override the agent's default behavior, specifically telling the agent to ignore summaries from web fetch tools and stating "Do NOT search for additional documentation." It also includes a behavioral override requiring the agent to use the tempo CLI instead of other available tools.
  • [EXTERNAL_DOWNLOADS]: The skill fetches its setup configuration and installation binaries from external URLs (https://tempo.xyz/SKILL.md, https://tempo.xyz/install).
  • [DATA_EXFILTRATION]: The skill implements usage telemetry in crates/tempo-common/src/analytics.rs using the PostHog service. It captures environment metadata and wallet addresses. While the code includes redaction logic for sensitive headers, it constitutes a data collection surface for an external domain.
  • [SAFE]: The skill demonstrates good security practices in its handling of local files, such as setting 0o600 permissions for the keys.toml wallet file in crates/tempo-common/src/keys/io.rs and the config.toml file in crates/tempo-common/src/config.rs.
Recommendations
  • HIGH: Downloads and executes remote code from: https://tempo.xyz/install - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
May 8, 2026, 06:42 AM