htx-settlement
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
htx-clibinary to fetch exchange data, executing shell commands based on user input for parameters likecontract_codeand timestamps (evidence in SKILL.md). - [COMMAND_EXECUTION]: The skill possesses an indirect prompt injection surface (Category 8) due to the interpolation of untrusted data into executable commands.
- Ingestion points: User-provided variables such as
contract_codeandstart_timeare extracted from queries and passed to the CLI tool (SKILL.md). - Boundary markers: Absent. The instructions do not define delimiters or provide warnings for the agent to sanitize or ignore instructions embedded in the user data.
- Capability inventory: The agent is authorized to execute shell commands via the
htx-clitool across all defined endpoints in SKILL.md. - Sanitization: Absent. There is no instruction for validation, escaping, or filtering of the user-provided inputs before command execution.
Audit Metadata