hydrex
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'bankr' utility for transaction execution and agent prompting. It also provides commands involving 'curl' and 'jq' for data processing.- [EXTERNAL_DOWNLOADS]: Official strategy and reward data are retrieved from Hydrex subdomains (api.hydrex.fi and incentives-api.hydrex.fi). As these are the official endpoints for the protocol's functionality, these references are considered safe.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from external APIs.
- Ingestion points: API responses from api.hydrex.fi/strategies and incentives-api.hydrex.fi are used across multiple reference files.
- Boundary markers: The instructions do not define explicit delimiters or instructions to ignore embedded commands in the API data.
- Capability inventory: The skill has the ability to execute transactions on the Base network via the bankr CLI.
- Sanitization: The skill relies on structured JSON extraction from the API responses without additional validation or sanitization of the content.
Audit Metadata