swap-build

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE (flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches token metadata, safety information (honeypot/fee-on-transfer), and swap routes from official KyberSwap domains (token-api.kyberswap.com, aggregator-api.kyberswap.com, and common-service.kyberswap.com). These are necessary for the skill's primary function and target vendor-controlled infrastructure.
  • [COMMAND_EXECUTION]: Uses Bash(curl) to perform a POST request to the KyberSwap Aggregator API to build transaction calldata. This command is executed only after a mandatory human confirmation step (Step 4b) and uses data retrieved from previous authorized GET requests.
  • [PROMPT_INJECTION]: The skill instructions do not contain attempts to override safety filters or hijack agent behavior. Instead, it explicitly instructs the agent to perform safety checks, such as verifying the recipient address and warning the user if gas costs exceed the swap value.
  • [DATA_EXFILTRATION]: While the skill handles user wallet addresses, they are transmitted only to the vendor's swap aggregation service to facilitate transaction building. No sensitive data (such as private keys or environment variables) is accessed or transmitted.
  • [SAFEGUARDING]: The skill implements several defensive patterns: it refuses to build swaps for tokens flagged as honeypots, warns about fee-on-transfer taxes, and prevents using invalid addresses (like the zero address) as a transaction sender.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 03:57 PM