defi-portfolio-manager
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the gws CLI to interact with Google Workspace spreadsheets, reading financial holdings data into the agent's context.
- [EXTERNAL_DOWNLOADS]: Retrieves real-time yield and protocol information from well-known technology services including DefiLlama and Morpho.
- [PROMPT_INJECTION]: The skill processes untrusted external data from WebSearch and DeFi APIs, creating a potential surface for indirect prompt injection. Ingestion points: external content from WebSearch, DefiLlama APIs, and Morpho APIs enter the agent context via the researcher and auditor subagents. Boundary markers: the instructions do not specify the use of delimiters or 'ignore' warnings for the external data. Capability inventory: the orchestrator can spawn subagents, perform network fetches, and read external files. Sanitization: the logic relies on rule-based filtering (e.g., no shitty assets) rather than technical input sanitization.
Audit Metadata