Skills
skills/blave-tw/blave-quant-skill/blave-quant/Gen Agent Trust Hub

blave-quant

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The README.md installation instructions require sudo to create a symlink in /usr/local/bin/, granting elevated privileges to the skill's entry point. Additionally, blave_cli.py utilizes subprocess.run to execute internal scripts.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing external inputs such as keywords and symbols in fetch_news and fetch_taker_intensity commands.
  • Ingestion points: Function arguments in src/main.py (e.g., keyword, symbol).
  • Boundary markers: None present in the execution flow.
  • Capability inventory: Accesses external APIs and system environment variables.
  • Sanitization: No validation or escaping is applied to user-provided parameters before use in network requests.
  • [EXTERNAL_DOWNLOADS]: The skill is installed from a remote GitHub repository as documented in the README.md. This follows the vendor's intended distribution model.
  • [DATA_EXFILTRATION]: The skill retrieves sensitive credentials (API keys and private keys) from a local .env file to authenticate with the Blave and Hyperliquid platforms. These operations are restricted to the intended vendor domains and well-known services.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 01:16 PM