aave-risk-assessor
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill performs intended financial calculations using official protocol addresses.
- [DATA_EXPOSURE]: The skill requires a wallet address to function. This is a functional requirement and the address is only used to query public blockchain data.
- [PROMPT_INJECTION]: Indirect surface analysis:
- Ingestion points: Account data retrieved from on-chain contracts (e.g., totalCollateralBase, totalDebtBase).
- Boundary markers: None explicitly defined in output templates.
- Capability inventory: Data is displayed to the user via a markdown summary; no file-system or shell capabilities are triggered by the retrieved data.
- Sanitization: Data is numerically processed and formatted into standard strings before display.
- [SAFE]: The documentation includes local file paths (e.g., /Users/caoxiangrui/...) in the reference section. This is a common occurrence in development and does not present a security risk to the end-user.
Audit Metadata