endaoment
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The donate.sh script calls an external utility bankr.sh via a relative path (../../bankr/scripts/bankr.sh) to handle blockchain transactions.
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.endaoment.org for searching charities and mainnet.base.org for computing contract addresses and verifying deployments.
- [PROMPT_INJECTION]: The search.sh script retrieves and displays organization names and descriptions from a remote API, creating an indirect prompt injection surface.
  - Ingestion points: Charity metadata from api.endaoment.org.
  - Boundary markers: None used to isolate the API response.
  - Capability inventory: Transaction submission capabilities via the bankr integration.
  - Sanitization: Descriptions are truncated to 200 characters but not checked for malicious instructions.
Audit Metadata