emblem-defi-yield
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends installing the
@emblemvault/agentwalletNPM package. As this is a vendor-owned resource for the skill's author, it is a legitimate and expected dependency.\n- [COMMAND_EXECUTION]: The skill and its helper scriptscripts/yield-scan.shexecute theemblemaiCLI to perform blockchain research and token swaps.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its consumption of data from external DeFi services.\n - Ingestion points: External data enters the context via
birdeyeTrendingTokensandnansen_defi_portfoliotools inSKILL.md.\n - Boundary markers: There are no explicit markers used to separate untrusted external data from system instructions.\n
- Capability inventory: The skill includes value-moving capabilities like
splBuyIntentandethSwap.\n - Sanitization: External data is not sanitized before being processed by the agent.
Audit Metadata