Bankr Dev - Token Trading

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (findings: PROMPT_INJECTION, NO_CODE)
Full Analysis
  • PROMPT_INJECTION (HIGH): This skill defines a high-privilege execution surface for token trading and bridging without security safeguards, making it vulnerable to Indirect Prompt Injection. (1) Ingestion points: Natural language input prompts are passed directly to the execute() function. (2) Boundary markers: Absent; the skill does not use delimiters or instructions to separate user commands from potentially malicious embedded content. (3) Capability inventory: Token swaps, cross-chain bridging across Ethereum, Solana, and Base, and asset conversions. (4) Sanitization: No input validation is implemented to ensure commands are authorized or safe.
  • NO_CODE (LOW): The skill package contains only a markdown file and does not include the referenced bankr-client script, preventing verification of the underlying execution logic and security controls.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 06:46 PM