defi-bridge-route-planner
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external bridge aggregators and solver APIs.
- Ingestion points: Data is retrieved from external aggregator integration points and direct bridge quote endpoints as described in SKILL.md and references/aggregator-integration.md.
- Boundary markers: The skill defines a structured JSON schema for the final output, providing a clear boundary for the agent's response.
- Capability inventory: The included script scripts/route_cost_model.py performs cost calculations and route ranking. No dangerous system operations like file writing, network calls, or subprocess spawning were detected in the script logic.
- Sanitization: The scripts/route_cost_model.py script provides basic sanitization by strictly casting input fields to float and integer types and validating objective and risk parameters against predefined allow-lists.
Audit Metadata