trust-wallet-cli

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the @trustwallet/cli package via NPM. This is an official vendor resource from 'trustwallet' and is necessary for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill executes various twak CLI commands to perform legitimate wallet operations, such as creating accounts, signing messages, and querying balances. The commands follow established security practices for non-custodial wallets.
  • [DATA_EXFILTRATION]: The skill includes functionality for token transfers and the x402 micropayment protocol. While these involve network operations and asset movement, they are core features that incorporate safety mechanisms like payment caps and interactive user confirmation to prevent unauthorized access or exfiltration.
  • [PROMPT_INJECTION]: The skill interacts with external data from blockchains and HTTP endpoints, which represents a surface for indirect prompt injection.
    • Ingestion points: Market data queries (references/market.md), transaction history logs (references/history.md), and external HTTP responses via x402 requests (references/x402.md).
    • Boundary markers: No explicit delimiters are specified in the reference documentation for separating external data from agent instructions.
    • Capability inventory: The agent has the capability to send funds, perform swaps, and approve ERC-20 spenders across multiple chains.
    • Sanitization: The skill mitigates risks by providing dedicated commands for address validation and token risk auditing (references/token-risk.md), which check for honeypots and contract safety signals before interaction.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 05:37 PM