aave-v2-plugin

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts and platform-specific binaries from the vendor's official GitHub repositories. Security integrity is ensured by validating every download against hardcoded SHA256 checksums before execution.
  • [COMMAND_EXECUTION]: Orchestrates the onchainos CLI to perform wallet discovery and transaction submission. All commands that modify on-chain state require the user to provide an explicit --confirm flag, preventing accidental or unauthorized execution.
  • [REMOTE_CODE_EXECUTION]: Implements a self-update and dependency management system that downloads code from well-known vendor sources. The implementation follows security best practices by pinning to specific release tags and verifying file integrity.
  • [PROMPT_INJECTION]: Technical instructions and user-facing documentation were audited for bypass attempts or behavioral overrides; no malicious patterns were identified.
  • [DATA_EXFILTRATION]: Network traffic is strictly limited to public blockchain RPC nodes (e.g., publicnode.com) and official vendor domains for versioning. No evidence of unauthorized data harvesting or secret exposure was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:28 AM
Security Audit — agent-trust-hub — aave-v2-plugin