trust-web3-provider
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several npm packages under the @trustwallet scope for core functionality and blockchain-specific support, which are verified vendor resources.
- [COMMAND_EXECUTION]: The documentation describes using local commands like bun run generate and bun run build for managing the provider monorepo and scaffolding new chains.
- [PROMPT_INJECTION]: The provider architecture processes untrusted data from dApps, creating a surface for indirect prompt injection.
  1. Ingestion points: Data enters the system through params.name and params.params in the Web3Provider handler in SKILL.md.
  2. Boundary markers: The examples do not demonstrate the use of delimiters to isolate dApp-provided strings.
  3. Capability inventory: The handler implementation demonstrates the execution of sensitive operations such as signPersonalMessage and sendTransaction as seen in the Handler Routing Pattern section of SKILL.md.
  4. Sanitization: The provided snippets focus on routing logic and do not include input validation or sanitization of external parameters.
Audit Metadata