hydrex
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to https://api.hydrex.fi/strategies and https://incentives-api.hydrex.fi to fetch liquidity pool data and reward Merkle proofs necessary for its core functions.
- [COMMAND_EXECUTION]: The skill relies on the bankr CLI tool to execute on-chain transactions and queries on the Base network, including locking HYDX tokens into veHYDX positions and submitting voting allocations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external protocol APIs to drive optimization logic (e.g., parsing pool names and calculating voting weights).
  1. Ingestion points: Data is retrieved from api.hydrex.fi and incentives-api.hydrex.fi.
  2. Boundary markers: None identified in the skill instructions to separate external data from the agent's internal reasoning.
  3. Capability inventory: Subprocess execution via the bankr tool for blockchain transactions.
  4. Sanitization: No explicit sanitization or validation of strings returned by the APIs is described.
Audit Metadata