grimoire-morpho-blue
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing external data from the Morpho Blue protocol.\n
- Ingestion points: Market metadata and MetaMorpho vault snapshots fetched through the
grimoire venue morpho-blue vaults-snapshotcommand inSKILL.md.\n - Boundary markers: Absent; the skill does not define delimiters or provide instructions for the agent to ignore or isolate potentially malicious content embedded in the fetched protocol data.\n
- Capability inventory: The skill allows for shell command execution (
grimoire,npx), network queries to blockchain providers, and the generation of financial 'spell' parameters.\n - Sanitization: There is no evidence of sanitization or validation of external data before it is integrated into the agent's prompt context.\n- [EXTERNAL_DOWNLOADS]: The skill recommends using
npx -y @grimoirelabs/cli, which triggers the download and execution of the Grimoire CLI from the npm registry during runtime.\n- [REMOTE_CODE_EXECUTION]: By invokingnpx, the skill executes remote code from a third-party registry, which is a standard but noteworthy execution pattern for this toolset.\n- [COMMAND_EXECUTION]: The skill's primary functionality is delivered through the execution of shell-based CLI commands to interact with the Morpho Blue adapter.
Audit Metadata