kamino
Warn
Audited by Snyk on Feb 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill connects to public Solana RPC and token lists (e.g., wallet.getSolanaConnection(), tokenlist.resolveTokenMints()/getTokenList(), and kamino.getKaminoReserves()/getKaminoStrategies() in index.ts), ingesting public on-chain and token-list data (untrusted/user-controlled) that the agent reads and uses to resolve mints, compute health/rates, and drive transactions—so third-party content can materially influence actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a Solana finance integration with commands to deposit, withdraw, borrow, repay, and manage liquidity vaults. It requires a SOLANA_PRIVATE_KEY and RPC URL, i.e., signing and submitting on-chain transactions. This is a specific crypto/wallet execution capability (moving assets, sending transactions), not a generic tool — therefore it grants direct financial execution authority.
Audit Metadata