htx-settlement

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the htx-cli binary to fetch exchange data, executing shell commands based on user input for parameters like contract_code and timestamps (evidence in SKILL.md).
  • [COMMAND_EXECUTION]: The skill possesses an indirect prompt injection surface (Category 8) due to the interpolation of untrusted data into executable commands.
  • Ingestion points: User-provided variables such as contract_code and start_time are extracted from queries and passed to the CLI tool (SKILL.md).
  • Boundary markers: Absent. The instructions do not define delimiters or provide warnings for the agent to sanitize or ignore instructions embedded in the user data.
  • Capability inventory: The agent is authorized to execute shell commands via the htx-cli tool across all defined endpoints in SKILL.md.
  • Sanitization: Absent. There is no instruction for validation, escaping, or filtering of the user-provided inputs before command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:49 PM
Security Audit — agent-trust-hub — htx-settlement