squads
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill performs sensitive file reads of private keys from the filesystem. In create-multisig.ts, the loadWallet function reads a Solana secret key using fs.readFileSync based on the WALLET_PATH environment variable or a default path (./keypair.json). This pattern allows for potential credential exposure if an attacker can influence the environment or parameters to point to sensitive files.
- [DATA_EXFILTRATION] (HIGH): Access to sensitive cryptographic material. The script accesses secret keys which, if leaked or misdirected, would result in the loss of controlled assets.
- [COMMAND_EXECUTION] (LOW): High-privilege capability for financial transactions. The createBasicMultisig function and others in create-multisig.ts use the Squads SDK to perform write operations on the Solana blockchain. While this is the skill's purpose, it represents a powerful capability that requires strict access controls.
- [EXTERNAL_DOWNLOADS] (MEDIUM): Dependency on non-whitelisted packages. The skill imports @sqds/multisig, which is not in the list of trusted external sources. This is a medium risk as the integrity of the package cannot be automatically verified against the trusted source list.
Recommendations
- AI detected serious security threats
Audit Metadata