botcoin-miner

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to treat solveInstructions from an external API response as the "authoritative challenge-specific instruction block." This creates a conflict with general safety guidelines and may lead the agent to follow malicious instructions if the external source is compromised.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection attacks.
      • Ingestion points: Challenge payloads (including doc, questions, and solveInstructions) fetched via curl from coordinator.agentmoney.net.
      • Boundary markers: The skill includes a "Golden Rule" warning that coordinator response payloads are challenge data and not trusted system instructions, though this is partially contradicted by the specific instruction to treat them as authoritative.
      • Capability inventory: The skill uses curl for network communication and has the capability to perform financial transactions (swapping, staking, submitting) through the bankr skill.
      • Sanitization: No automated sanitization or filtering of the external instruction content is performed before processing.
  • [COMMAND_EXECUTION]: The skill relies on curl and jq to communicate with external APIs and process JSON responses, which involves handling the BANKR_API_KEY and transaction data.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to coordinator.agentmoney.net and api.bankr.bot. These are vendor-owned domains related to the skill's intended functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 01:44 AM