superfluid
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill instructions and documentation follow best practices for security and developer guidance. It includes explicit warnings against using write-access commands (e.g., 'cast send') and provides safe alternatives for read-only data retrieval.
- [EXTERNAL_DOWNLOADS]: The skill utilizes several official NPM packages (@sfpro/sdk, @superfluid-finance/tokenlist, @superfluid-finance/metadata) via 'bunx' for ABI resolution and metadata lookups. These are verified vendor resources belonging to the Superfluid organization.
- [COMMAND_EXECUTION]: Utility scripts in the 'scripts/' directory perform legitimate, read-only technical tasks such as fetching real-time Super Token balances from official protocol APIs and formatting chain metadata. No privileged command execution (like 'sudo') is present.
Audit Metadata