skale
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides code patterns and architectural guidance for building AI agents that consume data from untrusted external URLs (found in `rules/agents-on-skale.md` and `rules/x402-on-skale.md`). This represents a surface for indirect prompt injection.
  - Ingestion points: The `accessResource(url)` and `getWeather()` methods in the provided TypeScript examples fetch data from arbitrary or semi-arbitrary endpoints.
  - Boundary markers: The example code lacks implementation of delimiters or instructions to ignore embedded prompts within the retrieved content.
  - Capability inventory: The agents described have access to private keys (for on-chain transactions via `viem/ethers`), network operations (fetch), and LLM invocation via LangChain.
  - Sanitization: No input validation or output sanitization is present in the developer templates to handle potentially malicious payloads from remote resources.
Audit Metadata