eigen-rewards
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): Network requests are made to api.eigenexplorer.com. This is necessary for the skill's function but the domain is not whitelisted.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection. 1. Ingestion point: Rewards data fetched via axios in scripts/rewards-api.js. 2. Boundary markers: None. 3. Capability inventory: axios network requests; no file system or command execution. 4. Sanitization: No sanitization of API response data before display.
- [SAFE] (SAFE): No credentials exposure or malicious code detected.
Audit Metadata