spectra-pt-yield-trader
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill communicates with api.serendb.com to verify account balances and manage scheduled tasks via the seren-cron service. This is a vendor-owned resource for the serenorg organization.
- [COMMAND_EXECUTION]: The skill provides scripts for running a local planning agent and a trigger server. These are used to execute the workflow steps defined in the skill and are functional components of the agent.
- [PROMPT_INJECTION]: The skill processes external market data and user inputs, creating an indirect prompt injection surface. This is mitigated by input validation logic in agent.py which checks for supported chains and numeric bounds for trade parameters.
Audit Metadata