defi-portfolio-tracker
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes position data from external providers, creating a surface for indirect prompt injection.\n
- Ingestion points: Position data is ingested via a JSON file processed by
scripts/portfolio_summary.pyas defined in the skill workflow.\n - Boundary markers: No explicit delimiters or boundary instructions are used to separate external data from the script's output context or the agent's summary.\n
- Capability inventory: Capabilities are restricted to data aggregation and mathematical calculations within
scripts/portfolio_summary.py; no dangerous system calls or network operations are present.\n - Sanitization: Numerical fields are validated via float casting, but string fields like protocol and asset names are not sanitized before being returned in the final output summary, allowing potential external content to influence the response.
Audit Metadata