zerion-vaultsfyi-rebalance

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the zerion CLI to perform critical operations such as checking wallet positions, executing token swaps, and performing cross-chain bridges. These commands are integral to the rebalancing workflow.
  • [EXTERNAL_DOWNLOADS]: The documentation directs the user to install the zerion-cli globally using npm install -g zerion-cli. This is a vendor-recognized package necessary for the skill's functionality.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8).
      • Ingestion points: Data from external vaults and DeFi protocols is brought into the agent's context through tools like vault_details, position_details, and transaction_context.
      • Boundary markers: The instructions lack explicit delimiters or guidance for the agent to treat data from the vaults.fyi MCP as untrusted or to ignore instructions embedded within that data.
      • Capability inventory: The skill possesses significant capabilities, including the ability to move assets, perform swaps, and build blockchain transactions via the Zerion CLI and the build_vault_tx tool.
      • Sanitization: There is no evidence of sanitization or strict schema validation for the external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 09:33 PM