position-manager
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill requests a user's public wallet address to query DeFi positions. It includes validation logic to reject invalid formats, zero addresses, or common placeholder addresses, reducing the risk of accidental exposure or incorrect data processing.
- [EXTERNAL_DOWNLOADS]: Fetches liquidity and portfolio metrics from the vendor's official API endpoint (
earn-service.kyberswap.com). This is a standard operation for the skill's stated purpose of monitoring DeFi positions. - [COMMAND_EXECUTION]: While the skill is read-only, it provides actionable suggestions (e.g.,
/zap migrate) that the user can choose to execute via other authorized skills. It does not execute these commands autonomously.
Audit Metadata