avnu
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- CREDENTIALS_SAFE (SAFE): The scripts require a STARKNET_PRIVATE_KEY and AVNU_PAYMASTER_API_KEY. These are correctly handled via environment variables (process.env) and the documentation explicitly warns against committing these secrets to version control.
- EXTERNAL_DOWNLOADS (SAFE): The skill connects to standard and legitimate blockchain infrastructure including Starknet RPC nodes (rpc.starknet.lava.build) and AVNU's official API and paymaster endpoints (starknet.api.avnu.fi, starknet.paymaster.avnu.fi). These are necessary for the skill's primary purpose.
- DATA_EXFILTRATION (SAFE): No unauthorized data transmission was detected. The scripts sign transactions locally using the provided private key and send the signed transactions to the specified blockchain network.
- COMMAND_EXECUTION (SAFE): The scripts are intended to be executed manually by the user via npx ts-node. There are no instances of the skill attempting to execute arbitrary or hidden system commands.
- PROMPT_INJECTION (SAFE): The skill consists of technical code and reference documentation. It does not contain natural language instructions designed to override agent behavior or bypass safety filters.
- INDIRECT_PROMPT_INJECTION (LOW): The skill ingests data from external sources (AVNU API and Starknet blockchain) to display quotes, token lists, and order statuses. While this data is printed to the console, it is treated as data and not as instructions, posing a minimal risk to an agent observing the output.