0x-swap
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where user-supplied data can influence tool parameters.
  - Ingestion points: User-provided token symbols, contract addresses, and amounts defined in SKILL.md.
  - Boundary markers: None identified within the prompt templates.
  - Capability inventory: Network requests to api.0x.org via WebFetch and documentation searching via the mcp__0x-mcp__searchDocs tool.
  - Sanitization: The skill does not describe any explicit validation or escaping of user strings before they are interpolated into requests.
- [DATA_EXFILTRATION]: The skill is designed to send transaction parameters and the user's wallet address to the 0x API (api.0x.org) using WebFetch. These operations are directed to the vendor's official endpoints to facilitate token swaps.
- [COMMAND_EXECUTION]: The README.md file includes standard shell commands for installing the skill and its related components using npx and plugin installation syntax.
- [EXTERNAL_DOWNLOADS]: The skill retrieves technical integration data and documentation from the vendor's resources using the mcp__0x-mcp__searchDocs tool.
Audit Metadata