
orca

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill implements logic to read private keys from the local filesystem.
      • Evidence: In examples/swap/token-swap.ts, the loadWallet function uses fs.readFileSync(CONFIG.walletPath, "utf8") to ingest a JSON keypair.
      • Risk: This allows the agent to access highly sensitive cryptographic secrets. If the WALLET_PATH environment variable is manipulated, it could be used to read other sensitive files on the system.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The script relies on the @orca-so/whirlpools package.
      • Evidence: import { ... } from "@orca-so/whirlpools"; in examples/swap/token-swap.ts.
      • Note: The orca-so organization is not on the provided Trusted GitHub Organizations list, making this an unverifiable dependency that requires external audit.
  • [DATA_EXFILTRATION] (LOW): The skill transmits data to external blockchain RPC nodes.
      • Evidence: Connection established to https://api.mainnet-beta.solana.com.
      • Note: While this is the intended primary purpose of the skill, the domain is not on the trusted whitelist for network operations.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:08 PM