messari-token-research
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the MoonPay CLI (mp) to manage wallet balances, bridge USDC between the Ethereum and Base networks, and interact with the Messari API. It includes a bash script that writes research findings to the local filesystem at ~/.config/moonpay/research/.
- [EXTERNAL_DOWNLOADS]: The skill fetches token information, price history, sentiment signals, and news directly from api.messari.io. Messari is an established and well-known financial data service in the cryptocurrency sector.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection in its final synthesis step, as it interpolates external news headlines and asset descriptions into an AI prompt. This architectural pattern could allow external content to influence the AI's output.
  - Ingestion points: External data from Messari API news and asset details.
  - Boundary markers: None; data is interpolated directly into the AI synthesis prompt.
  - Capability inventory: Wallet management (bridging funds) and local file system access via the mp CLI.
  - Sanitization: No sanitization or filtering of fetched external content is performed before processing.
Audit Metadata