Skills
skills/nghanyi/agent-skills/integrating-jupiter/Gen Agent Trust Hub

integrating-jupiter

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The metadata in SKILL.md claims the author is 'jupiter', which is misleading as the provided context identifies the developer as 'nghanyi'. This discrepancy can cause users to misjudge the skill's officiality and trustworthiness.
  • [PROMPT_INJECTION]: The skill processes untrusted data from Jupiter APIs, such as token metadata and search results, which are influenced by external parties. This creates an indirect prompt injection surface.
  • Ingestion points: API calls to /tokens/v2/search and /portfolio/v1/positions in SKILL.md.
  • Boundary markers: No delimiters or instructions are used to prevent the agent from executing instructions embedded in the API responses.
  • Capability inventory: The skill includes logic for signing and broadcasting transactions via @solana/web3.js, providing the agent with write access to the Solana blockchain.
  • Sanitization: The skill lacks logic to validate or escape external strings before they are incorporated into the agent's context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 05:09 PM