evm-chains
Fail
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill contains a directory of public RPC endpoints (e.g., Ethereum, Arbitrum, Base). These are used as reference data for blockchain interactions. Automated scanner flags for specific RPCs (like
rpc.form.network) and the high frequency of HTTP requests are consistent with the skill's purpose as a blockchain metadata provider and do not indicate malicious intent. - [CREDENTIALS_UNSAFE]: The skill correctly instructs the agent to use an environment variable (
ROUTEMESH_API_KEY) for service authentication instead of hardcoding secrets. No private keys or sensitive local files are accessed. - [PROMPT_INJECTION]: The instructions are functional and restricted to chain resolution logic. There are no attempts to override system prompts, bypass safety filters, or manipulate the agent's behavior.
- [COMMAND_EXECUTION]: No shell commands, subprocess spawning, or unauthorized script executions are present in the provided skill content.
Recommendations
- CRITICAL: 1 infected file(s) detected - DO NOT USE
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata