trustless-work-dev
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [EXTERNAL_DOWNLOADS] (INFO): The skill references external resources including the installation of the
@trustless-work/blocksNPM package and the skill itself from GitHub. These are standard for platform integration and originate from the project's official organization. - [COMMAND_EXECUTION] (INFO): The documentation includes CLI commands such as
npx trustless-work addfor managing UI components andnpm installfor dependencies, which are standard developer operations. - [CREDENTIALS_UNSAFE] (INFO): The skill correctly identifies the need for API keys and advises using environment variables (
process.env.TRUSTLESS_WORK_API_KEY) and secure headers, adhering to security best practices for credentials. - [PROMPT_INJECTION] (SAFE): No evidence of malicious behavior overrides or attempts to bypass safety filters was found in the triggers or instructional content.
- [DATA_EXFILTRATION] (SAFE): No suspicious data access or exfiltration patterns were identified; network operations described are limited to official API and Stellar blockchain interactions.
Audit Metadata