cardano-cli-transactions-operator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): Uses standard cardano-cli commands for blockchain interactions. Execution is protected by a manual-invoke requirement and explicit human confirmation before sensitive actions like transaction submission.
- [CREDENTIALS_UNSAFE] (SAFE): The skill references a signing key file path (<payment.skey>) required for cryptographic signatures, but no hardcoded keys or secrets are present in the code.
- [DATA_EXFILTRATION] (SAFE): No network exfiltration or unauthorized data transfer patterns were identified.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters or override agent constraints were found.
- [INDIRECT_PROMPT_INJECTION] (SAFE): 1. Ingestion points: Reads local JSON files (utxos.json, pparams.json) generated by the trusted cardano-cli tool. 2. Boundary markers: No explicit delimiters, but the skill is human-invocable only. 3. Capability inventory: Limited to cardano-cli operations and local file management. 4. Sanitization: Relies on structured CLI output and manual user verification of transaction details.
Audit Metadata