bitflow-hodlmm-zest-yield-loop

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Orchestrates multi-step DeFi routes by spawning local primitive skill scripts using child_process.spawn. The use of argument arrays effectively prevents shell-level command injection.
  • [EXTERNAL_DOWNLOADS]: Fetches real-time liquidity pool metrics from Bitflow's official API and blockchain transaction data from the Hiro Mainnet API. These are well-known, authoritative services for the Stacks ecosystem.
  • [SAFE]: Implements a robust checkpointing mechanism in ~/.aibtc/state/ to track transaction progress and prevent redundant broadcasts, which is standard for reliable DeFi automation.
  • [PROMPT_INJECTION]: The skill processes external data from APIs and the output of other local skills in bitflow-hodlmm-zest-yield-loop.ts, representing a potential attack surface for indirect prompt injection.
  • Ingestion points: Data from Bitflow/Hiro APIs and stdout from spawned primitives.
  • Boundary markers: The script enforces a strict JSON output contract to maintain data integrity.
  • Capability inventory: Orchestrates other skills that can execute blockchain writes.
  • Sanitization: Validates ingested data as JSON and verifies transaction success independently via on-chain records.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 06:32 PM
Security Audit — agent-trust-hub — bitflow-hodlmm-zest-yield-loop