htx-elite-positioning
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The instructions in
SKILL.mddirect the agent to construct shell commands for thehtx-clibinary by interpolating user-supplied values likecontract_codeandperiodinto the command line. This creates a potential for command injection if the agent does not properly validate or sanitize the input before execution. - [EXTERNAL_DOWNLOADS]: The skill requires the
htx-clitool to be pre-installed and includes an entry point inpackage.json(bin/install.js) that references an installation script. These resources are provided by the vendorhtx-exchangeand are necessary for the skill's operation. - [PROMPT_INJECTION]: The skill retrieves and processes data from external HTX API endpoints, which creates an indirect prompt injection surface. Malicious data returned by the API could attempt to influence agent behavior, although the risk is low due to the expected numerical and structured nature of the data.
- Ingestion points: API response data retrieved via
htx-cli(referenced inSKILL.md). - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
- Capability inventory: The skill possesses the capability to execute the
htx-clibinary on the host system. - Sanitization: No sanitization or validation logic is specified for the external data inputs or the API outputs.
Audit Metadata