Skills
skills/bankrbot/skills/Standards/Gen Agent Trust Hub

Standards

Warn

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from an external domain (ethskills.com) and references a GitHub repository (github.com/austintgriffith/ethskills) for installation and configuration purposes.
  • [COMMAND_EXECUTION]: The catalog metadata includes an 'install.command' that executes a shell command using 'curl' to retrieve remote content.
  • [PROMPT_INJECTION]: The skill instructions direct the agent to fetch and process data from an external URL (https://ethskills.com/standards/SKILL.md), which serves as a vector for indirect prompt injection attacks.
  • Ingestion points: catalog.json setup instructions and install command
  • Boundary markers: Absent
  • Capability inventory: Shell command execution via curl and remote URL ingestion
  • Sanitization: Absent
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 19, 2026, 01:18 PM
Security Audit — agent-trust-hub — Standards