battlechain
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches technical documentation from
https://docs.battlechain.com/llms-full.txtand installs thecyfrin/battlechain-liblibrary. These resources are hosted on the vendor's official domains and repositories, which is standard for a development-focused skill. - [COMMAND_EXECUTION]: Provides instructions for using standard blockchain development tools like
forgeandjust. These commands are used for legitimate tasks such as deploying contracts, running scripts, and verifying source code on block explorers. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest external documentation at runtime to provide the agent with current protocol technical details. This creates a surface for indirect prompt injection if the remote content were compromised, though the source is the vendor's official documentation.
- Ingestion points: Documentation is fetched from
docs.battlechain.com/llms-full.txtas specified inSKILL.md. - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the fetched documentation.
- Capability inventory: The skill includes the capability to execute shell commands via
forgeandjust(found inSKILL.md). - Sanitization: There are no explicit sanitization or validation steps described for the remote data before it enters the agent's context.
Audit Metadata