alchemy-cli
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official `@alchemy/cli` package from the npm registry.
- [COMMAND_EXECUTION]: The skill utilizes shell commands via the `alchemy` CLI to perform blockchain queries, wallet management, and app configuration.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes external data from blockchain logs, metadata, and dynamic command definitions.
  - (1) Ingestion points: External blockchain data (transfers, NFT metadata, logs) and the output of `alchemy agent-prompt` described in SKILL.md.
  - (2) Boundary markers: The skill mandates the use of `--json` and `--no-interactive` flags to ensure structured and predictable data output.
  - (3) Capability inventory: The skill has the capability to execute shell commands and modify blockchain configurations (e.g., `alchemy webhooks create`, `alchemy config set`).
  - (4) Sanitization: Instructions require parsing stdout and stderr strictly as JSON to mitigate unstructured data risks.
Audit Metadata