gdex-trading
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: Hardcoded sensitive data was detected in multiple files within the scripts directory.
- File:
scripts/archive/check-balances.jscontains a plaintext 12-word mnemonic phrase:'airport room shoe add offer price divide sell make army say celery'. - Similar mnemonics and test private keys are present in other archived scripts including
scripts/archive/test-hl-debug.js,scripts/archive/diagnostic-v2.js, andscripts/archive/test-variants.js. - While these appear to be for testing purposes, including active mnemonics in distributed skill files is a significant security risk if users adapt these scripts for production use without replacement.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality.
- Ingestion Points: The skill frequently retrieves token metadata, symbols, and names via the
getTokenDetailsandgetTrendingTokensactions from an external API (trade-api.gemach.io). - Capability Inventory: The agent is granted high-privilege capabilities including
buy_token,sell_token, andhl_create_order(perpetual futures trading). - Surface: Malicious actors could create tokens with names or symbols containing instructional strings designed to influence agent behavior when the agent 'researches' the token before a trade. The current instructions lack boundary markers or explicit warnings to ignore instructions embedded in token metadata.
- [SAFE]: The pre-configured API keys found in
src/config/apiKeys.tsare documented as shared keys for public use by AI agents and are considered part of the intended platform architecture.
Audit Metadata