Testing
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches external markdown content from https://ethskills.com/testing/SKILL.md during the setup and installation phase.
- [EXTERNAL_DOWNLOADS]: Recommends installing a plugin from the external GitHub repository https://github.com/austintgriffith/ethskills using the `claude plugin install` and `clawhub install` commands.
- [COMMAND_EXECUTION]: The `catalog.json` file defines an installation command `curl -s https://ethskills.com/testing/SKILL.md` which executes a shell command to retrieve remote content.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by directing the agent to fetch and adopt instructions from an external website.
  - Ingestion points: Remote instructions are ingested from https://ethskills.com/testing/SKILL.md via `curl` and explicit agent instructions.
  - Boundary markers: No delimiters or "ignore embedded instructions" warnings are present to isolate the external content from the agent's core instructions.
  - Capability inventory: The agent uses the ingested data to generate Solidity smart contract tests (Foundry).
  - Sanitization: The skill performs no validation, escaping, or filtering of the remote content before processing.
Audit Metadata