hyperliquid-trading
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (CRITICAL): Piped remote script execution from an untrusted source. Evidence: curl command found in installation section targeting https://raw.githubusercontent.com/infinitefield/hypersdk/main/hypecli/install.sh. The repository organization 'infinitefield' is not on the trusted source list.
- REMOTE_CODE_EXECUTION (CRITICAL): The installation process executes remote content directly in the shell without verification.
- COMMAND_EXECUTION (MEDIUM): Core functionality relies on executing a local binary 'hypecli' with varied arguments.
- CREDENTIALS_UNSAFE (MEDIUM): Skill examples use plaintext passwords in command-line flags (e.g., --password yourpassword), which can be exposed in system logs and process lists.
- PROMPT_INJECTION (LOW): Surface for indirect prompt injection exists. 1. Ingestion points: 'hypecli balance' and 'hypecli perps' read market data. 2. Boundary markers: Absent. 3. Capability inventory: 'hypecli order' allows trading actions. 4. Sanitization: No sanitization of ingested data is described.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/infinitefield/hypersdk/main/hypecli/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata