Tools
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION NO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation from the vendor's domain (ethskills.com) and provides instructions to install a Claude plugin from a GitHub repository (github.com/austintgriffith/ethskills). These resources are directly related to the skill's stated purpose of providing developer tools.
- [NO_CODE]: The skill package does not include any executable scripts, binaries, or source code files; it serves primarily as a metadata and documentation hub pointing to external tools.
- [COMMAND_EXECUTION]: The catalog.json file contains a demonstration of the cast command-line tool. This includes examples of calling and sending Ethereum transactions, as well as signing transactions using a private key provided via an environment variable.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by instructing the agent to fetch and process content from an external URL.
  - Ingestion points: catalog.json instructs the agent to read content from https://ethskills.com/tools/SKILL.md.
  - Boundary markers: No specific delimiters or warnings to ignore embedded instructions are provided for the external content.
  - Capability inventory: The skill environment assumes the presence of external CLI tools such as cast, clawhub, and claude plugins.
  - Sanitization: There is no evidence of validation or sanitization of the remote markdown content before it is processed by the agent.
Audit Metadata