tx-status

Warn

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill relies on npx fibx@latest for its core functionality. Each time the skill runs, this command resolves the latest dist-tag on the NPM registry and fetches whatever version that tag currently points to. Because the package is not maintained by a recognized trusted organization and is referenced without a pinned version (@latest), the code that actually executes can change, or be replaced by a compromised release, between runs without any change to the skill itself. This is a significant supply chain risk.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool, and its allowed-command pattern, npx fibx@latest tx-status *, ends in a * wildcard, so any arguments may follow the subcommand. User-provided inputs such as the transaction hash or chain name are interpolated directly into a shell command line; unless the agent strictly validates them, a value containing shell metacharacters (for example ; or $(...)) is interpreted by the shell rather than passed to fibx as data. This is a dangerous pattern.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection and command injection:
      • Ingestion points: the user-provided hash and chain parameters defined in SKILL.md.
      • Boundary markers: absent; there are no delimiters or instructions telling the agent to treat these inputs as untrusted data or to ignore instructions embedded in them.
      • Capability inventory: the skill can execute shell commands (Bash) and reach the network (through npx and the tool's own logic).
      • Sanitization: absent; the skill provides no logic or instructions to escape, validate, or sanitize the user-supplied transaction hash before it is passed to the shell.
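As an added example (not code from this audit, the skill, or the fibx project), the following shell wrapper shows what closing the three findings above looks like in practice: it rejects a transaction hash or chain name that is not in the expected shape, passes each value as its own argv entry instead of interpolating it into a command string, and refuses to run unless the package version is pinned. The hash format (0x plus 64 hex digits), the chain-name format, the argument order tx-status <hash> <chain>, the sample hash, and the FIBX_VERSION and NPX variables are all assumptions made for illustration; only the npx fibx tx-status invocation itself comes from the audited command pattern.

```shell
#!/bin/sh
# Added example (not part of the audit or the fibx project): validate the
# agent-supplied arguments and pin the package version before invoking npx.
# Assumptions: a transaction hash is "0x" + 64 hex digits (EVM style), a chain
# name is a short lowercase identifier, the CLI takes "tx-status <hash> <chain>",
# and FIBX_VERSION is a release you have reviewed. Nothing else about fibx is assumed.

NPX="${NPX:-npx}"                 # overridable so the wrapper can be dry-run
FIBX_VERSION="${FIBX_VERSION:-}"  # must be set to a pinned version, never latest
NL='
'

# Accept exactly 0x followed by 64 hex digits and nothing else. The case test
# runs first because grep matches line by line and would otherwise accept a
# multi-line payload whose first line is a valid hash.
is_tx_hash() {
  case "$1" in *"$NL"*) return 1 ;; esac
  printf '%s' "$1" | grep -Eq '^0x[0-9a-fA-F]{64}$'
}

# Chain name: a lowercase letter, then up to 31 characters from [a-z0-9-].
# Requiring a leading letter also means the value can never be parsed as a flag.
is_chain_name() {
  case "$1" in *"$NL"*) return 1 ;; esac
  printf '%s' "$1" | grep -Eq '^[a-z][a-z0-9-]{0,31}$'
}

# Validate, then pass each value as its own argv entry. No eval and no string
# interpolation into a command line, so metacharacters in the input stay data.
run_tx_status() {
  tx_hash=$1
  chain_name=$2
  if [ -z "$FIBX_VERSION" ] || [ "$FIBX_VERSION" = latest ]; then
    echo "refusing to run: FIBX_VERSION must be pinned to a reviewed release" >&2
    return 2
  fi
  if ! is_tx_hash "$tx_hash"; then
    echo "rejected tx hash: not 0x followed by 64 hex digits" >&2
    return 2
  fi
  if ! is_chain_name "$chain_name"; then
    echo "rejected chain name: not a lowercase identifier" >&2
    return 2
  fi
  "$NPX" "fibx@$FIBX_VERSION" tx-status "$tx_hash" "$chain_name"
}

# Constructed sample input for demonstration; not a real transaction.
SAMPLE_HASH=0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef
```

Source the file and call run_tx_status "$HASH" "$CHAIN" with FIBX_VERSION exported; set NPX=echo to dry-run and see the exact argv that would reach npx. Pinning a version narrows the window the audit describes but does not by itself verify what the registry serves; a lockfile with an integrity field does that. The wrapper also does nothing about the prompt-level finding: the agent still needs an explicit instruction to treat the hash and chain parameters as untrusted data, because validation here only runs once the agent has decided to call the command.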
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 14, 2026, 06:37 AM