Skills
skills/tenequm/claude-plugins/web3-protocol-gtm/Gen Agent Trust Hub

web3-protocol-gtm

Fail

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references the URL https://1kx.network in SKILL.md and references/metrics-launch.md as a source for an on-chain revenue report. This specific domain has been flagged as a malicious CryptScam site by automated security scanners, posing a direct threat to users who visit the link.
  • [COMMAND_EXECUTION]: The package.json file contains a validate script that executes python3 using a relative path (../.claude/skills/skill-creator/scripts/quick_validate.py). This reaches outside the skill's local directory to execute code on the host system, which constitutes a sandbox escape attempt and violates the principle of least privilege.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 7, 2026, 04:52 AM