defi-portfolio-manager
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses sensitive financial information (portfolio holdings, valuations, and positions) by reading a Google Spreadsheet using the
gws(Google Workspace) CLI tool. This data is used for internal analysis within the agent environment. - [EXTERNAL_DOWNLOADS]: Fetches real-time market data, yield information, and collateral parameters from well-known services including DefiLlama (
yields.llama.fi) and Morpho (api.morpho.org). These requests are performed using standardcurloperations. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and reasons over untrusted data from the public web (via
WebSearch) and third-party APIs (Morpho/DefiLlama). - Ingestion points: Processes news articles and incident reports from WebSearch results, JSON/GraphQL responses from DeFi APIs, and CSV data from user-defined Google Sheets.
- Boundary markers: There are no specific delimiters or "ignore instructions" wrappers used when interpolating external data into the agent's context.
- Capability inventory: The skill uses
curlfor network requests,gwsfor file/sheet access, and has the capability to spawn and coordinate multiple sub-agents to perform parallel tasks. - Sanitization: The instructions do not define any sanitization, filtering, or validation steps for the content retrieved from external sources before it is analyzed.
Audit Metadata