Skills
skills/aibtcdev/skills/jingswap-v2/Gen Agent Trust Hub

jingswap-v2

Fail

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file jingswap-v2.ts contains a hardcoded secret key assigned to the JINGSWAP_API_KEY constant, which is used to authenticate requests to the backend service.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to an external API (https://faktory-dao-backend.vercel.app) to retrieve auction cycle states, oracle price data, and settlement proofs (VAAs).
  • [COMMAND_EXECUTION]: The CLI tool performs sensitive blockchain operations using the callContract function to deposit funds and settle auctions, with parameters and logic derived from external API data.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because the agent's decision-making logic relies on data fetched from a remote API that could be manipulated to influence the agent's actions.
  • Ingestion points: jingswap-v2.ts ingests data from the Jingswap API via the jingswapGet helper function.
  • Boundary markers: Absent; the skill does not use delimiters or instructions to ignore potential commands embedded in the API data.
  • Capability inventory: callContract within jingswap-v2.ts provides the capability to move STX and sBTC tokens and execute contract logic.
  • Sanitization: The skill does not perform integrity checks or validation on the data returned from the external API before using it to construct blockchain transactions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 30, 2026, 11:12 PM