aeon-defi-monitor
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of instructional markdown and YAML configuration for monitoring purposes. It does not include any Python scripts, Node.js packages, or shell commands.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from external sources to generate suggested transaction strings for the Bankr tool.
  - Ingestion points: Data is retrieved from external DeFi APIs (api.llama.fi, yields.llama.fi) and blockchain RPC providers (Quicknode, Alchemy).
  - Boundary markers: None identified; external data is incorporated into the agent's evaluation logic without explicit delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill generates ready-to-use "Submit" payloads for a financial execution tool, which could be exploited if malicious data is injected into the monitoring flow.
  - Sanitization: There are no documented mechanisms for validating or sanitizing the content of the external API responses before they are used to form output recommendations.
Audit Metadata