copy-trading-solana
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface.
  - Ingestion points: Monitors Solana blockchain transactions and wallet activities (Pump.fun, Raydium, etc.).
  - Boundary markers: None specified in the documentation.
  - Capability inventory: Performs automated trades via Jupiter aggregator based on observed transaction data.
  - Sanitization: No mention of sanitizing or validating external transaction metadata (e.g., token names, memos).
- [No Code] (SAFE): The skill currently only contains a documentation file (SKILL.md) and no executable code or scripts to analyze for direct malicious behavior.
- [Credentials] (INFO): The skill requires the SOLANA_PRIVATE_KEY environment variable. Users should ensure this key is handled securely and the agent environment is isolated, as this key grants full control over the associated funds.
Audit Metadata