zerion

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and installs zerion-cli and zerion-mcp-server via the npm registry to enable interaction with the Zerion platform.
  • [COMMAND_EXECUTION]: Utilizes shell scripts and integration guides to bridge research data from Zerion with execution capabilities in the Bankr CLI.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface in the provided integration guides.
      1. Ingestion points: Blockchain data (e.g., fungible_info.symbol, transfer.value) entering from the Zerion API in the references/bankr-integration.md scripts.
      2. Boundary markers: No delimiters or warnings are used to distinguish external data from agent instructions.
      3. Capability inventory: The skill uses the bankr tool to perform sensitive actions including token swaps, DCA orders, and stop-loss settings.
      4. Sanitization: External data is interpolated into shell command strings without validation or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 04:19 AM