bitflow-hodlmm-zest-yield-loop
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates multi-step DeFi routes by spawning local primitive skill scripts using
child_process.spawn. The use of argument arrays effectively prevents shell-level command injection. - [EXTERNAL_DOWNLOADS]: Fetches real-time liquidity pool metrics from Bitflow's official API and blockchain transaction data from the Hiro Mainnet API. These are well-known, authoritative services for the Stacks ecosystem.
- [SAFE]: Implements a robust checkpointing mechanism in
~/.aibtc/state/to track transaction progress and prevent redundant broadcasts, which is standard for reliable DeFi automation. - [PROMPT_INJECTION]: The skill processes external data from APIs and the output of other local skills in
bitflow-hodlmm-zest-yield-loop.ts, representing a potential attack surface for indirect prompt injection. - Ingestion points: Data from Bitflow/Hiro APIs and stdout from spawned primitives.
- Boundary markers: The script enforces a strict JSON output contract to maintain data integrity.
- Capability inventory: Orchestrates other skills that can execute blockchain writes.
- Sanitization: Validates ingested data as JSON and verifies transaction success independently via on-chain records.
Audit Metadata