grimoire-hyperliquid
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill utilizes
npx -y @grimoirelabs/cli, which downloads and executes code from the '@grimoirelabs' npm scope. This organization is not recognized as a trusted source in the defined security policy.\n- REMOTE_CODE_EXECUTION (HIGH): The use ofnpx -y(no-install execution) allows for the automated execution of remote scripts without user confirmation or hash pinning, providing a vector for malicious code updates.\n- COMMAND_EXECUTION (MEDIUM): The skill provides an interface for performing stateful financial operations likewithdrawthrough shell commands, which can be hijacked if the agent's instructions are subverted.\n- CREDENTIALS_UNSAFE (MEDIUM): The skill documentation describes the use of sensitive environment variables likeHYPERLIQUID_PRIVATE_KEYand local keystore paths. An agent with access to these secrets is a high-value target for exploitation.
Recommendations
- AI detected serious security threats
Audit Metadata