get-block-number

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to generate and run Python code dynamically. It specifically commands the agent to use "source .local-test.env && poetry run python", which involves executing the contents of a local shell file. This can lead to arbitrary command execution if the .local-test.env file is compromised.
  • CREDENTIALS_UNSAFE (MEDIUM): The logic explicitly accesses environment variables using the pattern JSON_RPC_{CHAIN}. Blockchain RPC URLs frequently contain embedded sensitive API keys or tokens (e.g., Infura or Alchemy keys). Accessing these via a generated script increases the risk of accidental exposure or exfiltration if the output is poorly handled.
  • EXTERNAL_DOWNLOADS (LOW): The skill depends on web3 and eth-defi packages. While web3 is a standard library, eth-defi is a specialized third-party library. These would be installed via poetry, introducing external dependencies into the execution environment.
  • PROMPT_INJECTION (LOW): The {CHAIN} placeholder is a template variable. If an attacker provides a malicious string for the chain name (e.g., using shell metacharacters or path traversal syntax), they might attempt to manipulate the environment variable lookup or the generated script behavior, although the risk is limited by the Python execution context.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:15 PM