Skills
skills/gate/gate-skills/gate-exchange-candydrop/Gen Agent Trust Hub

gate-exchange-candydrop

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the gate-cli binary from the official Gate GitHub organization (github.com/gate/gate-cli) as part of its installation process. These downloads are verified using checksums in the provided setup script.
  • [COMMAND_EXECUTION]: The skill utilizes gate-cli subcommands to interact with the exchange API. The setup.sh script also uses sudo for system-wide installation if local directory permissions are insufficient, which is standard behavior for developer tool installers and within the scope of the skill's primary purpose.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes and displays data from the Gate exchange API (e.g., task titles and descriptions).
  • Ingestion points: Data returned by the gate-cli commands in activities.md, progress.md, and records.md is interpolated into user-facing responses.
  • Boundary markers: No explicit delimiters are used to wrap external data in the prompt templates.
  • Capability inventory: Write capabilities include gate-cli cex launch candy-drop register.
  • Sanitization: No programmatic sanitization is evident; however, the skill mitigates risk by requiring explicit user confirmation ("confirm" or "cancel") before any registration actions are performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 03:51 PM