monitoring-whale-activity
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard cryptocurrency monitoring utility using public APIs from reputable providers including Whale Alert, CoinGecko, and Etherscan.
- [SAFE]: Data persistence is handled via local JSON files in the user's home directory (e.g.,
~/.whale_watchlist.json), which is standard behavior for CLI-based monitoring tools to maintain state between sessions. - [SAFE]: Tool permissions are restricted via YAML frontmatter using a pattern-matched Bash tool (
Bash(python:*whale*)), limiting the execution scope to the intended scripts. - [SAFE]: Analysis of the Python scripts confirms they perform legitimate data retrieval, formatting, and local storage operations with no signs of obfuscation, exfiltration, or unauthorized command execution.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
- Ingestion points: Data is ingested from the Whale Alert API in
scripts/whale_api.pyand CoinGecko API inscripts/price_service.py. - Boundary markers: None explicitly defined in the scripts, though output is primarily formatted into tables and JSON.
- Capability inventory: The agent has access to file system tools (
Read,Write,Edit,Grep,Glob) and restrictedBashexecution. - Sanitization: The scripts perform standard data type conversion and truncation (in
scripts/formatters.py) but do not explicitly filter for prompt injection markers in API-returned strings (e.g., wallet labels or owner names). This is a common surface for data-processing skills and represents a low risk in this context.
Audit Metadata