Skills
skills/bankrbot/skills/Frontend Playbook/Gen Agent Trust Hub

Frontend Playbook

Warn

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's setup instructions direct the user or agent to install a plugin from an external GitHub repository (github.com/austintgriffith/ethskills) and a package from an unverified registry (clawhub install ethskills).
  • [COMMAND_EXECUTION]: The catalog.json manifest specifies an installation command using curl to fetch content from an external domain (ethskills.com).
  • [PROMPT_INJECTION]: The skill instructs the agent to browse and follow instructions from an external URL (https://ethskills.com/frontend-playbook/SKILL.md). This creates a surface for indirect prompt injection, as the content at that URL is not part of the analyzed package and could contain malicious instructions.
  • [REMOTE_CODE_EXECUTION]: While the fetched URL currently points to a markdown file, the inclusion of remote fetching in the install and setup fields introduces a mechanism where the source could be swapped for executable content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 19, 2026, 01:18 PM
Security Audit — agent-trust-hub — Frontend Playbook