perp-cli
Warn
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to configure wallets by passing raw private keys as command-line arguments (e.g.,
perp --json wallet set hl <EVM_KEY>). This method of handling secrets is considered unsafe as it can lead to credentials being exposed in shell history, process lists, or environment logs. - [EXTERNAL_DOWNLOADS]: The skill downloads and installs the
perp-clipackage from the NPM registry. It also encourages the use ofnpx -y perp-cli@latest, which dynamically downloads and executes the latest version of the tool from a remote source at runtime. - [COMMAND_EXECUTION]: The skill performs extensive operations via shell commands, including financial transactions, wallet management, and running automated trading bots. This creates a high-privilege environment where the agent has direct control over command-line execution.
- [PROMPT_INJECTION]: The skill includes instructions to the agent to disregard certain files or avoid specific interactive commands (e.g.,
NEVER read ~/.perp/.env or key files,NEVER use perp init). These are constraints on the agent's behavior that, while intended as safety measures, illustrate the agent's broad access to the local file system and execution environment.
Audit Metadata