copy-trading

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface identified. The skill ingests untrusted metadata (token names and symbols) from external decentralized exchange (DEX) APIs, which could be leveraged to deliver malicious instructions to the agent through data-poisoning.
      • Ingestion points: The fetch_token_info function in scripts/monitor_wallet.py retrieves token symbols and names directly from the DexScreener API.
      • Boundary markers: The output produced by the monitoring scripts does not utilize specific delimiters or isolation warnings to differentiate between data and instructions.
      • Capability inventory: The skill is documented to integrate with powerful trade execution tools, including the jupiter-swap and jupiter-api tools, which increases the impact of a successful injection.
      • Sanitization: No validation, escaping, or filtering is performed on the retrieved token metadata before it is presented to the agent for processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 02:36 PM