raydium
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it accepts untrusted user input that influences high-stakes financial transactions.
  1. Ingestion points: Command arguments such as token names, amounts, and pool IDs in swap and CLMM tools.
  2. Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for the data being processed.
  3. Capability inventory: The skill performs network operations specifically related to signing and broadcasting blockchain transactions.
  4. Sanitization: There is no mention of input validation or sanitization for the provided parameters.
- Sensitive Data Handling (SAFE): The skill correctly requests the private key through the SOLANA_PRIVATE_KEY environment variable rather than hardcoding credentials, which is consistent with security best practices for blockchain integration.