optimizing-defi-yields
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches public financial data from well-known services (DeFiLlama and CoinGecko) to provide yield and protocol information. These operations are limited to read-only API access of public data.
- [COMMAND_EXECUTION]: Executes local Python scripts for data aggregation, yield calculation, and risk scoring. No arbitrary command execution or dangerous subprocess operations were detected.
- [DATA_EXFILTRATION]: No sensitive local information, credentials, or environment variables are accessed or transmitted. The skill utilizes a local cache file in the user's home directory for performance, which contains only public market data.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from APIs. While this presents an ingestion surface, the risk is mitigated by using well-known, trusted data sources and strictly parsing the data as structured JSON without execution of remote content.
Audit Metadata