percolator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Dynamic Execution] (LOW): The skill utilizes dynamic `import()` to load trading logic from relative paths outside the skill directory (`../../../percolator/`). While this introduces a dependency on the host filesystem structure, it is intrinsic to the skill's primary function and follows monorepo development patterns.
- [Indirect Prompt Injection] (LOW): The skill processes user-supplied numeric strings for trades. While these inputs are validated, data returned from the Solana protocol (such as transaction signatures and error messages) is interpolated into the agent's response without specific delimiters.
- Ingestion points: `index.ts` (arguments for long, short, deposit, and withdraw commands).
- Boundary markers: Absent.
- Capability inventory: Executes blockchain transactions including market orders and collateral management.
- Sanitization: The skill uses `Number()` and `BigInt()` to parse and validate user inputs before they are used in financial operations.
Audit Metadata