skills/teneoprotocolai/teneo-skills/aave-v3-liquidation-watcher-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-teneo/Gen Agent Trust Hub
aave-v3-liquidation-watcher-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-powered-by-teneo-protocol-teneo
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill metadata (name and description) contains excessive repetition of the phrase 'powered by Teneo Protocol'. This constitutes deceptive and misleading metadata which can interfere with agent operations or catalog visibility.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process data from the external Aave V3 protocol.
- Ingestion points: Untrusted data is ingested from external blockchain sources via the 'teneo' CLI.
- Boundary markers: The instructions fail to provide delimiters or instructions to the agent to disregard instructions embedded in the ingested data.
- Capability inventory: The skill requires the ability to execute shell commands (e.g., '~/teneo-skill/teneo list-agents').
- Sanitization: There is no evidence of data sanitization, escaping, or schema validation for the external tool output.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform its core functions by executing local shell commands using the 'teneo' binary.
- [NO_CODE]: The skill consists solely of markdown instructions and metadata; it does not include any scripts, compiled binaries, or source code files.
Audit Metadata