quicknode-skill
Fail
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: CRITICAL PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill provides an interface for processing untrusted external data, creating a surface for indirect prompt injection.
- Ingestion points: The agent ingests data from external blockchain logs and transactions via the Streams and Webhooks integrations documented in streams-reference.md and webhooks-reference.md.
- Boundary markers: Example processing logic lacks explicit delimiters or instructions for the AI to ignore embedded commands within the blockchain data.
- Capability inventory: The skill allows the agent to execute network requests, perform SQL queries via sql-explorer.md, and write to decentralized storage via ipfs-reference.md.
- Sanitization: Integration examples do not demonstrate sanitization or validation of the ingested blockchain data before it influences subsequent agent actions.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external vendor infrastructure and official repositories.
- Resources: Example code fetches configuration and data from api.quicknode.com, mpp.quicknode.com, and x402.quicknode.com.
- Context: These resources are official endpoints for the Quicknode service. Automated scanner alerts regarding the IPFS gateway (quicknode-ipfs.com) are attributed to the shared nature of IPFS infrastructure and do not indicate malicious intent within the skill's code.
Recommendations
- Contains 3 malicious URL(s) - DO NOT USE
Audit Metadata