liberfi-swap
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill automatically installs the official vendor-owned package
@liberfi.io/clifrom the public npm registry if the command is not found. This is a legitimate dependency required for the skill's operation and is sourced from a trusted provider. - [COMMAND_EXECUTION]: Performs blockchain operations using the
lfiCLI tool. All high-risk commands, such as executing swaps or broadcasting transactions, are governed by strict instructions requiring the agent to obtain explicit user confirmation and perform security checks on target tokens. - [PROMPT_INJECTION]: The skill processes structured data from swap quotes and transaction estimates. To mitigate the risk of indirect prompt injection, it enforces mandatory security audits of tokens and requires a human-in-the-loop for all sensitive operations, ensuring that the agent does not execute trades autonomously.
Audit Metadata