Skills
skills/zeriontech/zerion-ai/zerion-vaultsfyi-market-intel/Gen Agent Trust Hub

zerion-vaultsfyi-market-intel

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the zerion-cli package via npm (npm install -g zerion-cli). This package is provided by the vendor 'zeriontech'.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as zerion portfolio and zerion positions to interact with the local CLI tool for retrieving wallet information.
  • [EXTERNAL_DOWNLOADS]: The skill connects to a hosted Model Context Protocol (MCP) server at https://mcp.vaults.fyi/mcp to retrieve DeFi benchmark and vault data.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external vault metadata and curator profiles (via vaults_search and vault_details), creating a surface for indirect prompt injection. No specific boundary markers or sanitization steps are defined for this external content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 09:33 PM