solana-swaps
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses several command-line tools (
solana,spl-token,curl,jq,node) to interact with the Solana blockchain and external APIs. These are used for legitimate purposes such as checking balances and generating swap transactions. - [EXTERNAL_DOWNLOADS]: The skill makes network requests to
api.jup.ag(Jupiter Aggregator), which is a well-known service in the Solana ecosystem. These requests are used to fetch swap quotes and build transactions. Per security guidelines, references to well-known services are considered safe. - [DATA_EXPOSURE]: The skill uses the
$SOLANA_KEYPAIR_PATHand$JUPITER_API_KEYenvironment variables. These are standard methods for managing sensitive credentials without hardcoding them. The instructions explicitly state never to log or display private key contents. - [ADVERSARIAL_ANALYSIS]: The skill incorporates strong safety guardrails, including mandatory user confirmation steps before any transaction execution and warnings for high price impact or slippage. The logic aligns with the stated purpose of a wallet management tool.
Audit Metadata