helius
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the user to install 'docpull' via pipx. This utility is not provided by a trusted source according to the security scope, and installing unverified packages from public registries constitutes a dependency risk.
- [COMMAND_EXECUTION] (LOW): The documentation contains bash commands for executing API requests via curl and pulling documentation via docpull. These are functional but execute external commands.
- [DATA_EXFILTRATION] (SAFE): The skill interacts with 'helius-rpc.com' and 'helius.xyz'. These network operations are aligned with the skill's primary purpose of providing Helius Solana infrastructure support and do not target sensitive local files.
Audit Metadata