starknet-wallet
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses established Starknet ecosystem libraries including 'starknet' and '@avnu/avnu-sdk' for its core operations. These are standard tools for interacting with the Starknet network.
- [EXTERNAL_DOWNLOADS]: The skill fetches token metadata and verified token lists from AVNU's official API (starknet.api.avnu.fi). This is a well-known and trusted service in the Starknet ecosystem for token resolution and routing.
- [COMMAND_EXECUTION]: The skill includes scripts for checking balances that are executed via the 'tsx' runner. These scripts perform read-only operations against the blockchain and do not execute untrusted input as commands.
- [CREDENTIALS_UNSAFE]: While the skill requires sensitive environment variables such as 'STARKNET_PRIVATE_KEY', the provided files only contain placeholders (e.g., '0x...') and follow standard development practices for wallet configuration via .env files.
- [PROMPT_INJECTION]: Analysis of the SKILL.md and documentation found no attempts to bypass safety filters or override agent instructions. The prompt instructions are focused on legitimate wallet management tasks.
Audit Metadata