yo-protocol-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the '@yo-protocol/core' library from the public NPM registry, which is the official SDK for the 'yoprotocol' vendor.
- [COMMAND_EXECUTION]: Documents standard shell commands for package installation using npm, yarn, or pnpm.
- [SAFE]: Establishes connections to authorized vendor-managed API endpoints (api.yo.xyz) and recognized third-party DeFi services (api.merkl.xyz) for fetching vault metadata and reward information.
- [SAFE]: Evaluated for indirect prompt injection risks related to external data ingestion; the skill includes built-in validation methods like 'validateAddress' and 'validateAmount' to ensure data integrity before processing.
Audit Metadata