almanak-strategy-builder
Fail
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted market data (prices, token symbols, indicators) to determine transaction logic, creating a surface for indirect prompt injection.
  - Ingestion points: MarketSnapshot data passed to the decide() method in strategy.py.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded content are used in the provided templates.
  - Capability inventory: Access to a full suite of DeFi operations including swaps, liquidity provision, and borrowing.
  - Sanitization: Relies on the SDK's internal token resolution and gateway validation.
- [EXTERNAL_DOWNLOADS]: The documentation instructs users to install Foundry via a remote script (curl -L https://foundry.paradigm.xyz | bash). This is an industry-standard development toolkit for Ethereum forks.
- [COMMAND_EXECUTION]: The skill documentation provides instructions for executing various shell commands to manage environments and run strategies, such as 'almanak strat run', 'uv add', and 'pipx install'.
- [NO_CODE]: The skill is composed entirely of markdown documentation and YAML metadata; no executable scripts or binaries are shipped with the skill itself.
Recommendations
- HIGH: Downloads and executes remote code from: https://foundry.paradigm.xyz - DO NOT USE without thorough review
Audit Metadata