emblem-portfolio-tracker
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were identified. The skill performs its described functions using official resources and standard automation techniques.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@emblemvault/agentwalletNPM package. This is a vendor-owned CLI tool necessary for the skill's core functionality. - [COMMAND_EXECUTION]: The provided helper script
scripts/portfolio-report.shexecutes theemblemaicommand-line utility to automate the generation of portfolio reports. This is a standard automation pattern for this toolset. - [PROMPT_INJECTION]: The skill processes blockchain data which acts as an attack surface for indirect prompt injection.
- Ingestion points: Blockchain balance and position data fetched via the chain-specific tools listed in
SKILL.md. - Boundary markers: None present in the command messages used in
scripts/portfolio-report.sh. - Capability inventory: Shell execution of the
emblemaiCLI commands as found inscripts/portfolio-report.sh. - Sanitization: No explicit validation or filtering logic for external blockchain data is present in the provided scripts.
Audit Metadata