orca
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill only contains a markdown definition file (SKILL.md) and lacks any executable implementation code (e.g., Python, JavaScript, or Shell scripts).
- [Credentials] (SAFE): The skill metadata declares a requirement for
SOLANA_PRIVATE_KEYin thegates.envssection. This is a transparent declaration of necessary credentials for its stated purpose as a DEX tool and does not constitute unsafe hardcoding. - [Indirect Prompt Injection] (SAFE): While the command structure (e.g., token names and amounts) represents an ingestion surface for user-controlled data, the lack of implementation code means there is no current risk of unsafe interpolation or processing.
Audit Metadata