@1458/dust-sweeper
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Tags: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted token names and symbols from external APIs like CoinGecko and Etherscan.
  - Ingestion points: The agent calls wallet_balance and cg_token_price in SKILL.md, bringing external token names and symbols into the context.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded content are used during the interpolation of this data into swap logic.
  - Capability inventory: High-impact capabilities include odos_swap, wallet_sol_transfer, and the ability to schedule recurring tasks.
  - Sanitization: No explicit sanitization or validation of token metadata is performed before display or processing.
- [COMMAND_EXECUTION]: The skill utilizes schedule_task to perform recurring wallet operations and recommends a broad wallet policy (allow *) to facilitate these automated swaps.
  - Evidence: SKILL.md references scheduling sweeps via cron expressions and instructions to set permissive policies.
- [EXTERNAL_DOWNLOADS]: The skill interacts with recognized, well-known services in the DeFi ecosystem for token discovery and pricing.
  - Evidence: Communicates with Etherscan, CoinGecko, Odos, and Jupiter. These are documented as well-known services within the blockchain ecosystem, and the interactions are necessary for the skill's primary function.
Audit Metadata