celopedia-skill
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs multiple network operations using
curland GraphQL to fetch live data from external sources. These includedocs.celo.orgfor documentation,celopg.ecofor grant programs,beta.node.thegrid.idfor ecosystem products,api.llama.fifor DeFi metrics,mondo.celo.orgfor governance proposals, andforum.celo.orgfor community discussions. These operations are intended for live data retrieval as described in the skill's research workflow.\n- [PROMPT_INJECTION]: The skill processes untrusted data from third-party sources, which presents an attack surface for indirect prompt injection.\n - Ingestion points: Ecosystem product descriptions from The Grid, governance proposal text from GitHub and Mondo, and community discussions from the Celo Forum are loaded into the agent's context.\n
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided reference instructions.\n
- Capability inventory: The skill instructions enable the agent to generate contract code, configure developer tools (Foundry, Hardhat), and provide integration snippets for DeFi protocols.\n
- Sanitization: There is no evidence of sanitization or validation for the data retrieved from the live APIs before it is presented to or processed by the AI.
Audit Metadata