Skills
skills/starchild-ai-agent/community-skills/@1458/dust-sweeper/Gen Agent Trust Hub

@1458/dust-sweeper

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses established DeFi tools (1inch, Birdeye) to perform automated token swaps that match its stated purpose.
  • [EXTERNAL_DOWNLOADS]: The helper script discover_dust.py interacts with the Etherscan API (api.etherscan.io) to retrieve public blockchain transaction data. Etherscan is a well-known and reputable service in the blockchain ecosystem.
  • [COMMAND_EXECUTION]: The skill requests a wildcard wallet policy (allow *) to facilitate approvals and swaps across various token contracts. This broad permission is disclosed as a prerequisite for the 1inch integration and is necessary for the skill's primary functionality.
  • [PROMPT_INJECTION]: The skill ingests token metadata (symbols and names) which is displayed to the user. While this is an ingestion surface for indirect prompt injection, the risk is minimal as the agent relies on verified contract addresses for all transaction logic rather than metadata-derived instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 09:32 PM
Security Audit — agent-trust-hub — @1458/dust-sweeper