whale-tracking
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a standard blockchain analysis tool with no detected security issues. It implements data gathering and reporting logic for Solana tokens using legitimate external services.
- [EXTERNAL_DOWNLOADS]: The scripts fetch data from established cryptocurrency infrastructure providers including Helius, Birdeye, and SolanaTracker. These are well-known services in the Solana ecosystem and are used for their intended analytical purposes.
- [CREDENTIALS_UNSAFE]: Security best practices are followed for secret management. API keys (such as HELIUS_API_KEY) and RPC endpoints are retrieved from environment variables rather than being hardcoded.
- [COMMAND_EXECUTION]: The skill does not execute arbitrary system commands or download/execute remote scripts. All operations are confined to network requests and data processing within the provided Python scripts.
- [PROMPT_INJECTION]: No attempts to override agent behavior or bypass safety guidelines were found in the instructions or metadata.
- [DATA_EXFILTRATION]: The skill does not access sensitive local files (e.g., SSH keys, AWS credentials). Network activity is restricted to fetching blockchain data from authorized API endpoints.
Audit Metadata