Skills
skills/zeriontech/zerion-ai/zerion-vaultsfyi-watchlist/Gen Agent Trust Hub

zerion-vaultsfyi-watchlist

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands using the zerion CLI tool to manage watchlists, view positions, and retrieve transaction history.
  • [EXTERNAL_DOWNLOADS]: Requires the manual installation of the zerion-cli package from the public npm registry to provide core functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on untrusted external data sources.
  • Ingestion points: The agent ingests data from zerion history (transaction memos/metadata) and vaults.fyi MCP tool outputs (vault names, curator descriptions, and flags).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the processed data.
  • Capability inventory: The agent has the capability to execute shell commands (zerion) and make network requests via the MCP interface.
  • Sanitization: No sanitization or validation logic is defined for the content returned from blockchain history or the third-party MCP server.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 09:33 PM