portfolio
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, NO_CODE)
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill requires users to provide extremely sensitive credentials in environment variables, most notably HL_PRIVATE_KEY (Hyperliquid private key) and BINANCE_FUTURES_SECRET. A private key provides full control over blockchain funds; entering it into an AI agent's environment is a dangerous practice that could lead to complete account compromise if the agent's memory, logs, or environment are accessed by unauthorized parties.
- [Indirect Prompt Injection] (LOW): The skill possesses a surface for indirect prompt injection attacks.
  - Ingestion points: The skill fetches data from external prediction markets (Polymarket, Kalshi) and crypto exchanges (Binance, Hyperliquid).
  - Boundary markers: No delimiters or 'ignore embedded instructions' warnings are specified in the documentation.
  - Capability inventory: The skill performs data aggregation, P&L calculation, and potentially tracks external 'whale' addresses.
  - Sanitization: No evidence of sanitization or validation of the ingested external data is present.
- [NO_CODE] (SAFE): No executable code (Python, JavaScript, or Shell) was provided with the skill definition, preventing a deep analysis of how data and secrets are handled at runtime.
Recommendations
- AI detected serious security threats
Audit Metadata