perpetuals-trading
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): Instructions are standard for a domain-specific expert skill. There are no attempts to bypass safety filters or ignore system instructions. The skill explicitly instructs the agent to prioritize the provided reference files over user requests.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, sensitive file paths, or network exfiltration patterns were found.
- [Obfuscation] (SAFE): The content is clear markdown with no encoded strings (Base64), zero-width characters, or homoglyphs.
- [Remote Code Execution] (SAFE): No remote downloads, package installations, or dynamic execution mechanisms (eval/exec) are present.
- [Indirect Prompt Injection] (LOW): The skill possesses a data ingestion surface as it processes user code (implied by the .sol validation rules) and reference files. However, it lacks dangerous capabilities like network writing or file system modification that could be exploited via injection. It also includes instructions to correct users based on reference truth, which serves as a basic grounding boundary.
- [Command Execution] (SAFE): No shell commands or subprocess spawning were detected.
Audit Metadata