kryptogo-pay-transfer
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted user input via arguments to determine the implementation context such as use cases, tokens, and chains. While this is an indirect prompt injection surface, the skill includes structured checklists and validation steps to ensure the agent follows a safe implementation path.
- Ingestion points:
SKILL.md(Step 1,$ARGUMENTS) - Boundary markers: Absent
- Capability inventory: The skill utilizes
Bash,Write,Edit, andGlobtools to facilitate code generation and project modification. - Sanitization: Provided code examples in
references/code-examples.mdinclude basic validation logic for token types and wallet address formats. - [EXTERNAL_DOWNLOADS]: The implementation templates provided in the skill references rely on standard, widely-used libraries to communicate with the official KryptoGO API endpoint. These dependencies are necessary for the intended functionality of the skill.
Audit Metadata