aster-deposit-fund
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements legitimate financial functionality for the Aster platform using standard Web3 development practices.
- [CREDENTIALS_SAFE]: Wallet private keys are handled via environment variables (
ASTER_DEPOSIT_PRIVATE_KEY). The skill provides explicit instructions to the AI agent to prevent logging or displaying these keys, and the implementation scripts use them only for local transaction signing. - [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's official API (
asterdex.com) to retrieve necessary configuration data like supported assets and deposit addresses. It also connects to well-known public blockchain RPC endpoints, which is standard and expected behavior. - [COMMAND_EXECUTION]: Implementation is provided through scripts for the Bun runtime. These scripts are constrained to specific tasks (checking balances and executing deposits) and do not contain patterns for arbitrary command execution.
- [PROMPT_INJECTION]: No malicious prompt injection or instruction override patterns were found. The skill includes beneficial internal guidelines requiring the agent to obtain explicit user consent before performing any on-chain action.
Audit Metadata