jupiter
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill requires a
SOLANA_PRIVATE_KEYto function, which it declares via the environment variable gate. No hardcoded secrets or patterns of data exfiltration were detected. - [Indirect Prompt Injection] (SAFE): The skill ingests user input for token names and transaction amounts. While it lacks explicit boundary markers, the ingestion is limited to specific command parameters for blockchain tools, posing minimal risk.
- [Unverifiable Dependencies] (SAFE): The TypeScript code examples reference local modules rather than external, untrusted downloads. No automated package installations or remote execution patterns were found.
Audit Metadata