1sat-cli
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the `bunx` runner and the `1sat` binary to perform blockchain operations.
- [EXTERNAL_DOWNLOADS]: The instructions rely on `bunx @1sat/cli`, which fetches and executes code from the public npm registry at runtime.
- [CREDENTIALS_UNSAFE]: The skill manages highly sensitive data, including private keys (WIF) and encrypted keystores located at `~/.1sat/keys.bep`. It also utilizes the `PRIVATE_KEY_WIF` environment variable for authentication.
- [DATA_EXFILTRATION]: The tool performs network operations to `api.1sat.app` and user-configured remote storage endpoints to synchronize wallet state and broadcast transactions.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The `action` command accepts arbitrary JSON payloads which are processed by the internal `@1sat/actions` registry.
  - Boundary markers: None identified in the provided instructions.
  - Capability inventory: Includes filesystem writes (wallet and config files), network requests (API communication), and subprocess execution (via `bunx`).
  - Sanitization: No specific sanitization or validation steps for the JSON input are described in the instructions.
Audit Metadata