defi-portfolio-manager

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gws CLI to interact with Google Workspace spreadsheets, reading financial holdings data into the agent's context.
  • [EXTERNAL_DOWNLOADS]: Retrieves real-time yield and protocol information from well-known technology services including DefiLlama and Morpho.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from WebSearch and DeFi APIs, creating a potential surface for indirect prompt injection. Ingestion points: external content from WebSearch, DefiLlama APIs, and Morpho APIs enter the agent context via the researcher and auditor subagents. Boundary markers: the instructions do not specify the use of delimiters or 'ignore' warnings for the external data. Capability inventory: the orchestrator can spawn subagents, perform network fetches, and read external files. Sanitization: the logic relies on rule-based filtering (e.g., no shitty assets) rather than technical input sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 08:08 AM
Security Audit — agent-trust-hub — defi-portfolio-manager