crypto-onchain-data

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to several external domains not included in the standard whitelist to retrieve cryptocurrency metrics and ETF flow data:
  • bitcoin-data.com (accessed via the provided Python script)
  • farside.co.uk, sosovalue.com, coinglass.com, and newhedge.io (instructed for agent web fetching)
  • [COMMAND_EXECUTION]: The skill executes a local Python script (onchain_fetch.py) to process valuation data. While the script uses the Python standard library, it performs the following operations:
  • Navigates the file system using relative path traversal (../../../crypto/news/) to read and write a cache file. Depending on the installation path, this could result in the skill creating folders and files in the user's home directory or other unexpected locations.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests data from untrusted external websites to generate summaries.
  • Ingestion points: Data is pulled from bitcoin-data.com, yfinance, and multiple ETF dashboards.
  • Boundary markers: None. The skill does not provide instructions to ignore potential commands embedded in the retrieved web content.
  • Capability inventory: The skill has the ability to execute the local script onchain_fetch.py.
  • Sanitization: There is no explicit sanitization or validation of the content retrieved from external sources before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 08:03 AM
Security Audit — agent-trust-hub — crypto-onchain-data