krystal-defi-api
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Interaction with the official Krystal DeFi API (api.krystal.app) to retrieve metadata, pool analytics, and transaction configurations.
- [COMMAND_EXECUTION]: Usage of curl commands to interact with the Krystal API for querying blockchain data and preparing transaction payloads.
- [DATA_EXFILTRATION]: Transmission of the user's wallet address to the Krystal API endpoints. This is a legitimate and necessary operation for the skill to retrieve personalized position data and generate valid transaction data.
- [REMOTE_CODE_EXECUTION]: The skill enables the preparation of remote blockchain transaction payloads (txData). Although these are for financial operations on a blockchain rather than operating system code, it involves the agent facilitating the execution of hex data retrieved from a remote server.
- [PROMPT_INJECTION]: Assessment of the surface for indirect prompt injection from untrusted API data.
  - Ingestion points: Data enters the agent's context through responses from multiple API endpoints at https://api.krystal.app.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided templates.
  - Capability inventory: The skill provides a workflow for the agent to fetch, sign, and broadcast transaction data via a web3 provider.
  - Sanitization: No evidence of input validation or content filtering for the API-provided transaction hex data or metadata is described.