Skills
skills/ledgerhq/agent-skills/dmk-intent-vocabulary/Gen Agent Trust Hub

dmk-intent-vocabulary

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill establishes critical security conventions for the agent, explicitly prohibiting the inference or use of user-provided derivation paths. This prevents potential address-confusion attacks where a user might be tricked into generating keys from an unexpected path.
  • [SAFE]: Includes specific warnings against insecure methods like eth_sign, correctly identifying them as phishing vectors and directing the AI to flag these risks to developers.
  • [SAFE]: Promotes best practices for user safety by mandating on-device address verification (checkOnDevice: true) to mitigate risks associated with compromised host displays.
  • [EXTERNAL_DOWNLOADS]: Mentions the @ledgerhq/device-transport-kit-speculos package for simulation and testing. This is an official vendor package from the author 'ledgerhq' and is appropriate for the skill's testing and debugging context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:15 PM
Security Audit — agent-trust-hub — dmk-intent-vocabulary