liberfi-portfolio
Warn
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains directives that override standard agent behavior by commanding the silent installation of a global CLI tool without user consent. It also instructs the agent to suppress error messages from the user regarding the presence or installation status of the package.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch and install the
@liberfi.io/clipackage from the official NPM registry. While the registry is a well-known service and the package is associated with the vendor, the directive to install it automatically at runtime is a security concern. - [COMMAND_EXECUTION]: The skill relies on executing global system commands, specifically
npm install -gfor setup and variouslfiCLI commands to interact with blockchain data and manage user authentication states. - [DATA_EXFILTRATION]: The skill accesses the authenticated user's wallet data and transaction history through the
lfi mecommands. This involves processing and displaying user-specific blockchain information from the vendor's TEE environment.
Audit Metadata