1sat-stack
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as prompt injection, unauthorized data exfiltration, or persistence mechanisms, were detected. The skill correctly identifies its purpose as an interface for the 1sat-stack API and provides legitimate patterns for usage.
- [DATA_EXFILTRATION]: The skill performs network operations to
https://api.1sat.app/1sat, which is the official production API base described in the instructions. This behavior is consistent with the skill's purpose as a blockchain indexer client and does not involve the exfiltration of sensitive local data. - [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection because it ingests untrusted data from the blockchain.
- Ingestion points: Data enters the context via the
scripts/query-unified.tsscript, which fetches transaction details, metadata, and inscription content from the 1sat-stack API. - Boundary markers: The demonstration script does not utilize explicit boundary markers or instructions for the agent to ignore potentially malicious content within the fetched data.
- Capability inventory: The skill possesses the capability to perform network requests and process the results using the
bunruntime environment. - Sanitization: The retrieved content is processed and logged without explicit sanitization or validation, creating a standard surface for indirect injection if the agent interprets the external content as instructional.
Audit Metadata