yield-strategies
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Category 8: Indirect Prompt Injection] (SAFE): The skill ingests data from external DeFi protocols via the discoverYieldStrategies tool. While this creates a potential surface for indirect prompt injection, the risk is mitigated by the instruction to 'present options to the human' and obtain confirmation before executing any deposits or withdrawals.
  1. Ingestion points: Output from fdx call discoverYieldStrategies.
  2. Boundary markers: None.
  3. Capability inventory: depositForYield, withdrawFromYield.
  4. Sanitization: Human-in-the-loop review.
- [Category 4: Remote Code Execution] (SAFE): No remote scripts or unverifiable packages are downloaded. The skill uses a defined set of local bash commands.
- [Category 2: Data Exposure] (SAFE): No hardcoded secrets, private keys, or sensitive local file path access were found.