dflow-spot-trading

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates legitimate trading operations on the Solana blockchain using the DFlow protocol and its associated tools.
  • [SAFE]: External references and downloads are restricted to the official DFlow domain (dflow.net) and its documented MCP and CLI tools, which are consistent with the developer's identity.
  • [SAFE]: Instructions for API key management follow security best practices by advising the agent to query the user directly rather than searching for hardcoded secrets or suggesting insecure environment-variable defaults.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through the processing of external API responses (e.g., token amounts, route plans), though the risk is evaluated as safe given the structured nature of the data and its primary use in transaction construction.
      • Ingestion points: Data fields from the DFlow Trading API (/order endpoint), such as inAmount, outAmount, and routePlan (SKILL.md).
      • Boundary markers: No explicit delimiters are specified for handling these external data fields in the documentation.
      • Capability inventory: The skill utilizes command-line execution via the dflow CLI and network requests to perform token swaps (SKILL.md).
      • Sanitization: Data from the API is deserialized into transaction objects; no additional string sanitization is explicitly detailed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 04:01 AM